The WP Fastest Cache WordPress plugin before 1.2.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users.
References
Link | Resource |
---|---|
https://wpscan.com/blog/unauthenticated-sql-injection-vulnerability-addressed-in-wp-fastest-cache-1-2-2/ | Exploit Third Party Advisory |
https://wpscan.com/vulnerability/30a74105-8ade-4198-abe2-1c6f2967443e | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2023-12-04T21:29:41.536Z
Updated: 2023-12-04T21:29:41.536Z
Reserved: 2023-11-09T19:22:57.391Z
Link: CVE-2023-6063
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-12-04T22:15:08.337
Modified: 2023-12-08T14:39:22.200
Link: CVE-2023-6063
JSON object: View
Redhat Information
No data.
CWE