Directory Traversal Vulnerability in WP Fastest Cache by WP Fastest Cache
CVE-2021-20714

6.5MEDIUM

Key Information:

Vendor
WordPress
Status
WP Fastest Cache
Vendor
CVE Published:
27 April 2021

Summary

A directory traversal vulnerability has been identified in WP Fastest Cache, affecting versions prior to 0.9.1.7. This flaw allows a remote attacker, provided they possess administrator privileges, to exploit the system and delete arbitrary files on the server. The attack can be executed via unspecified vectors, potentially compromising the integrity and availability of the web server. Website owners using this caching plugin should prioritize updating to the latest version to mitigate any associated risks.

Affected Version(s)

WP Fastest Cache versions prior to 0.9.1.7

References

https://www.wpfastestcache.com/
x_refsource_MISC
https://wordpress.org/plugins/wp-fastest-cache/
x_refsource_MISC
https://jvn.jp/en/jp/JVN35240327/index.html
x_refsource_MISC

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.