WP Fatest Cache < 1.1.5 - Blind SSRF via CSRF
CVE-2023-1938

8.8HIGH

Key Information:

Vendor: Wordpress
Status: WP Fastest Cache
Vendor: CVE Published:; 30 May 2023

Badges

👾 Exploit Exists🟡 Public PoC

Summary

The WP Fastest Cache plugin for WordPress, prior to version 1.1.5, exposes a vulnerability due to the absence of a CSRF check in its AJAX actions. This oversight allows for potential exploitation by unauthenticated users. Additionally, the plugin fails to properly validate user input when utilizing the wp_remote_get() function, which could lead to a Blind Server-Side Request Forgery (SSRF) attack. This flaw can be leveraged to make unauthorized requests to internal or external systems, potentially exposing sensitive data and leading to further compromise.

Affected Version(s)

WP Fastest Cache 0 < 1.1.5

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-1938 - Proof of Concept

References

https://wpscan.com/vulnerability/92b1c6d8-51db-46aa-bde6-...

exploitvdb-entrytechnical-description

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

🟡
Public PoC available
May 30, 2023
👾
Exploit known to exist
May 30, 2023
Vulnerability published
May 30, 2023
Vulnerability Reserved
Apr 7, 2023

Credit

Erwan LR (WPScan)

WPScan