WordPress Plugin Vulnerabilities

WP Fatest Cache < 1.1.5 - Blind SSRF via CSRF

Description

The plugin does not have CSRF check in an AJAX action, and does not validate user input before using it in the wp_remote_get() function, leading to a Blind SSRF issue

Note: CSRF was fixed in 1.1.4, the SSRF in 1.1.5

Proof of Concept

Affects Plugins

Plugin icon
wp-fastest-cache
Fixed in 1.1.5

References

CVE
CVE-2023-1938

Classification

Type
SSRF
OWASP top 10
A1: Injection
CWE
CWE-918
CVSS
3.4 (low)

Miscellaneous

Original Researcher
Erwan LR (WPScan)
Verified
Yes
WPVDB ID
92b1c6d8-51db-46aa-bde6-abdfb091aab5

Timeline

Publicly Published
2023-05-02 (about 2 years ago)
Added
2023-05-02 (about 2 years ago)
Last Updated
2023-05-02 (about 2 years ago)

Other

Published
Title
Published
2024-02-23
Title
SuperFaktura WooCommerce < 1.40.4 - Authenticated (Subscriber+) Blind Server-Side Request Forgery
Published
2025-01-03
Title
Compact WP Audio Player < 1.9.15 - Authenticated (Contributor+) Server-Side Request Forgery
Published
2024-04-12
Title
Wappointment < 2.6.1 - Admin+ SSRF
Published
2024-02-06
Title
WP RSS Aggregator < 4.23.6 - Authenticated (Admin+) Server-Side Request Forgery via RSS Feed Source
Published
2022-08-12
Title
Rank Math SEO < 1.0.95.1 - Unauthenticated SSRF