The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized cache deletion in versions up to, and including, 1.1.2 due to a missing capability check in the deleteCacheToolbar function . This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete the sites cache.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Wp_fastest_cache | Wpfastestcache | * | 1.1.2 (including) |