CVE-2023-6063: WP Fastest Cache < 1.2.2 - Unauthenticated SQL Injection
First published: Mon Dec 04 2023(Updated: )
The WP Fastest Cache WordPress plugin before 1.2.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users.
Credit: contact@wpscan.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| WP Fastest Cache | <1.2.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for the WP Fastest Cache vulnerability?
The vulnerability ID for the WP Fastest Cache vulnerability is CVE-2023-6063.
What is the severity of CVE-2023-6063?
The severity of CVE-2023-6063 is high.
How does the WP Fastest Cache vulnerability occur?
The WP Fastest Cache vulnerability occurs due to improper sanitization and escaping of a parameter before using it in a SQL statement.
Who can exploit CVE-2023-6063?
CVE-2023-6063 can be exploited by unauthenticated users.
How can I fix the WP Fastest Cache vulnerability?
To fix the WP Fastest Cache vulnerability, update the plugin to version 1.2.2 or above.
- agent/references
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/weakness
- agent/severity
- agent/title
- agent/author
- collector/epss-latest
- source/FIRST
- agent/description
- agent/epss
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- vendor/wpfastestcache
- canonical/wp fastest cache