Blind SSRF Vulnerability in WP Fastest Cache WordPress Plugin

Blind SSRF Vulnerability in WP Fastest Cache WordPress Plugin

CVE-2023-1938 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

The WP Fastest Cache WordPress plugin before 1.1.5 does not have CSRF check in an AJAX action, and does not validate user input before using it in the wp_remote_get() function, leading to a Blind SSRF issue

Learn more about our Wordpress Pen Testing.