WordPress Plugin Vulnerabilities

WP Fastest Cache <= 0.8.5.9 - Local File Inclusion (LFI)

Description

The WP Fastest Cache WordPress plugin was affected by a Local File Inclusion (LFI) security vulnerability.

Affects Plugins

Plugin icon
wp-fastest-cache
Fixed in 0.8.5.9

References

URL
https://sumofpwn.nl/advisory/2016/wp_fastest_cache_member_local_file_inclusion_vulnerability.html
URL
https://seclists.org/fulldisclosure/2016/Jul/29

Classification

Type
LFI
OWASP top 10
A1: Injection
CWE
CWE-22

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
1c9e81b9-8a7c-44ce-8c8d-2edb35ae44a1

Timeline

Publicly Published
2016-07-13 (about 9 years ago)
Added
2016-07-13 (about 9 years ago)
Last Updated
2019-11-01 (about 6 years ago)

Other

Published
Title
Published
2022-03-30
Title
Cab fare calculator < 1.0.4 - Unauthenticated LFI
Published
2024-11-11
Title
WOLF < 1.0.8.4 - Authenticated (Editor+) CSV Path Traversal
Published
2024-07-08
Title
Panda Video < 1.4.1 - Authenticated (Contributor+) Local File Inclusion
Published
2024-03-15
Title
Backuply – Backup, Restore, Migrate and Clone < 1.2.8 - Admin+ Directory Traversal
Published
2025-01-06
Title
Error Log Viewer By WP Guru < 1.0.4 - Missing Authorization to Unauthenticated Arbitrary File Read