Multiple cross-site request forgery (CSRF) vulnerabilities in the optionsPageRequest function in admin.php in WP Fastest Cache plugin before 0.8.3.5 for WordPress allow remote attackers to hijack the authentication of unspecified victims for requests that call the (1) saveOption, (2) deleteCache, (3) deleteCssAndJsCache, or (4) addCacheTimeout method via the wpFastestCachePage parameter in the WpFastestCacheOptions/ page.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2015/05/26/20 | Mailing List Third Party Advisory |
https://wordpress.org/plugins/wp-fastest-cache/#developers | Third Party Advisory |
https://wpvulndb.com/vulnerabilities/9756 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-09-19T15:00:00
Updated: 2019-09-01T05:06:06
Reserved: 2015-05-26T00:00:00
Link: CVE-2015-4089
JSON object: View
NVD Information
Status : Modified
Published: 2017-09-19T15:29:00.913
Modified: 2019-09-01T06:15:09.963
Link: CVE-2015-4089
JSON object: View
Redhat Information
No data.
CWE