The WP Fastest Cache WordPress plugin before 1.1.5 does not have CSRF check in an AJAX action, and does not validate user input before using it in the wp_remote_get() function, leading to a Blind SSRF issue
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/92b1c6d8-51db-46aa-bde6-abdfb091aab5 | Exploit |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2023-05-30T07:49:14.686Z
Updated: 2023-05-30T07:49:14.686Z
Reserved: 2023-04-07T09:44:12.557Z
Link: CVE-2023-1938
JSON object: View
NVD Information
Status : Modified
Published: 2023-05-30T08:15:09.713
Modified: 2023-11-07T04:05:26.757
Link: CVE-2023-1938
JSON object: View
Redhat Information
No data.
CWE
No CWE.