Blind SSRF Vulnerability in WP Fastest Cache WordPress Plugin
CVE-2023-1938 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
The WP Fastest Cache WordPress plugin before 1.1.5 does not have CSRF check in an AJAX action, and does not validate user input before using it in the wp_remote_get() function, leading to a Blind SSRF issue
Learn more about our Wordpress Pen Testing.