Remote Code Execution Vulnerability in WordPress WP Super Cache Plugin
CVE-2013-2009

8.8HIGH

Key Information:

Vendor
Wordpress
Status
WP Super Cache Plugin
Vendor
CVE Published:
7 February 2020

Summary

The WP Super Cache Plugin version 1.2 for WordPress is susceptible to a Remote PHP Code Execution vulnerability. This flaw allows an attacker to execute arbitrary PHP code on the server through crafted requests, potentially leading to unauthorized access or control over the affected WordPress installations. It is crucial for users of this plugin to apply the necessary updates to mitigate risks associated with this vulnerability.

Affected Version(s)

WP Super Cache Plugin 1.2

References

http://www.openwall.com/lists/oss-security/2013/04/24/10
x_refsource_MISC
http://www.openwall.com/lists/oss-security/2013/04/24/8
x_refsource_MISC
http://www.securityfocus.com/bid/59470
x_refsource_MISC

EPSS Score

19% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.