Описание
The WP Fastest Cache WordPress plugin before 1.1.5 does not have CSRF check in an AJAX action, and does not validate user input before using it in the wp_remote_get() function, leading to a Blind SSRF issue
Уязвимые конфигурации
Конфигурация 1Версия до 1.1.5 (исключая)
cpe:2.3:a:wpfastestcache:wp_fastest_cache:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 91%
0.07128
Низкий
8.8 High
CVSS3
Дефекты
Связанные уязвимости
CVSS3: 8.8
github
больше 2 лет назад
The WP Fastest Cache WordPress plugin before 1.1.5 does not have CSRF check in an AJAX action, and does not validate user input before using it in the wp_remote_get() function, leading to a Blind SSRF issue
EPSS
Процентиль: 91%
0.07128
Низкий
8.8 High
CVSS3