WordPress Plugin Vulnerabilities

WP Fastest Cache <= 0.8.9.5 - Directory Traversal

Description

The WP Fastest Cache WordPress plugin was affected by a Directory Traversal security vulnerability.

Affects Plugins

Plugin icon
wp-fastest-cache
Fixed in 0.8.9.6

References

CVE
CVE-2019-13635
URL
https://packetstormsecurity.com/files/#153821/
URL
https://seclists.org/bugtraq/2019/Jul/53
URL
https://plugins.trac.wordpress.org/changeset/2124614
URL
https://plugins.trac.wordpress.org/changeset/2124619

Classification

Type
TRAVERSAL
OWASP top 10
A1: Injection
CWE
CWE-22
CVSS
9.1 (critical)

Miscellaneous

Original Researcher
Imre Rad
Submitter
Ryan Dewhurst
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
7d42dbf7-965d-49ae-9993-4c44cffeffd9

Timeline

Publicly Published
2019-07-28 (about 6 years ago)
Added
2019-08-13 (about 6 years ago)
Last Updated
2026-04-13 (about 29 days ago)

Other

Published
Title
Published
2023-11-13
Title
Frontend File Manager < 22.7 - Editor+ Arbitrary File Download
Published
2022-08-22
Title
WPvivid Backup < 0.9.76 - Admin+ Arbitrary File Read
Published
2022-08-09
Title
WPide < 3.0 - Admin+ Arbitrary File Read
Published
2022-06-06
Title
Product Configurator for WooCommerce < 1.2.32 - Unauthenticated Arbitrary File Deletion
Published
2022-11-29
Title
Simple:Press < 6.8.1 - Admin+ Arbitrary File Update