The last thing any website owner or moderator wants to be worried about…
WP Fastest Cache, a WordPress plugin, contains an SQL injection vulnerability that could allow unauthenticated attackers to read the contents of the site's database.

WP Fastest Cache is a caching plugin used to speed up page loads, improve the visitor experience, and improve the site's Google search ranking. It is used by over a million sites, according to WordPress.org statistics.
According to WordPress.org download statistics, over 600,000 websites still run a vulnerable version of the plugin and are exposed to attack. Automattic's WPScan team disclosed the details of the SQL injection vulnerability, tracked as CVE-2023-6063 and rated high severity with a CVSS score of 8.6, which affects all versions of the plugin prior to 1.2.2.
SQL injection vulnerabilities occur when software incorporates untrusted input directly into an SQL query, letting an attacker alter the query and run arbitrary SQL that reads private data or issues commands to the database. In this case, the flaw is in the 'is_user_admin' function of the 'WpFastestCacheCreateCache' class within the WP Fastest Cache plugin, which is designed to determine whether a user is an administrator by extracting the '$username' value from cookies.
Because the '$username' value is not sanitized before it is placed in the query, an attacker can craft a cookie that changes the SQL statement the plugin executes, resulting in unauthorized read access to the database. No login is required, since the cookie is attacker-supplied. WordPress databases typically contain sensitive data such as user records (IP addresses, email addresses, and IDs), account password hashes, plugin and theme configuration settings, and other data required for the site to function.
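The following is an added illustration of the bug class described above, not code from the WP Fastest Cache plugin or from WPScan's advisory. It assumes a lookup of the form `SELECT ... WHERE user_login = '<cookie username>'`; the plugin's real query text is not published on this page, so the shape is an assumption. SQLite stands in for MySQL, the `wp_users` rows are constructed, the cookie format follows WordPress's `username|expiration|token|hmac` layout, and the injected value is the generic `' OR '1'='1` textbook string, not the PoC WPScan has yet to release. The vulnerable lookup is shown beside a parameterized version of the same query.

```python
import sqlite3
from urllib.parse import unquote

# Constructed stand-in for the WordPress wp_users table (SQLite instead of MySQL).
# WordPress stores password hashes in user_pass; the values below are fake.
SAMPLE_USERS = [
    ("admin", "admin@example.test", "$P$Bfakehash000000000000000000001"),
    ("editor", "editor@example.test", "$P$Bfakehash000000000000000000002"),
]


def make_db():
    """Build an in-memory table with the constructed sample users."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE wp_users ("
        "ID INTEGER PRIMARY KEY, user_login TEXT, user_email TEXT, user_pass TEXT)"
    )
    conn.executemany(
        "INSERT INTO wp_users (user_login, user_email, user_pass) VALUES (?, ?, ?)",
        SAMPLE_USERS,
    )
    conn.commit()
    return conn


def username_from_cookie(cookie_header):
    """Extract the username from a wordpress_logged_in_* cookie.

    WordPress auth cookies carry 'username|expiration|token|hmac'. Like PHP's
    $_COOKIE array, the value is URL-decoded first, which is how quotes and
    spaces in an attacker-supplied cookie reach the application unchanged.
    No signature is checked here because the vulnerable code path reads the
    username before any authentication decision is made.
    """
    for part in cookie_header.split(";"):
        name, _, value = part.strip().partition("=")
        if name.startswith("wordpress_logged_in_"):
            return unquote(value).split("|")[0]
    return None


def lookup_vulnerable(conn, cookie_header):
    """Assumed shape of the bug: the cookie-derived username is concatenated
    into the SQL text with no escaping or parameter binding."""
    username = username_from_cookie(cookie_header)
    if username is None:
        return []
    sql = f"SELECT user_login FROM wp_users WHERE user_login = '{username}' ORDER BY ID"
    return [row[0] for row in conn.execute(sql)]


def lookup_hardened(conn, cookie_header):
    """Same lookup with the username bound as a query parameter, so the
    database treats it as data rather than SQL. The WordPress idiom for this
    is $wpdb->prepare()."""
    username = username_from_cookie(cookie_header)
    if username is None:
        return []
    sql = "SELECT user_login FROM wp_users WHERE user_login = ? ORDER BY ID"
    return [row[0] for row in conn.execute(sql, (username,))]


# Constructed cookie headers: a normal one and one carrying an injection payload.
LEGIT_COOKIE = "wordpress_logged_in_abc123=admin%7C1700000000%7Ctoken%7Chmac; other=1"
INJECTED_COOKIE = "wordpress_logged_in_abc123=%27%20OR%20%271%27%3D%271%7C0%7Cx%7Cy"

if __name__ == "__main__":
    db = make_db()
    for label, cookie in (("legit", LEGIT_COOKIE), ("injected", INJECTED_COOKIE)):
        print(label, "vulnerable:", lookup_vulnerable(db, cookie),
              "hardened:", lookup_hardened(db, cookie))
```

With the legitimate cookie both functions return only the matching user. With the injected cookie the concatenated query becomes `WHERE user_login = '' OR '1'='1'` and returns every row, while the parameterized query returns nothing because the payload is compared as a literal string. A real attacker would extend the same position with UNION or blind boolean/time-based techniques to pull arbitrary tables, which is why the advisory describes the impact as reading the whole database.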
WPScan will release a proof-of-concept (PoC) exploit for CVE-2023-6063 on November 27, 2023, but it should be noted that the vulnerability is not difficult to exploit. The WP Fastest Cache developer fixed the flaw in version 1.2.2, released yesterday. All plugin users are encouraged to update as soon as possible and to confirm that the installed version shown on the Plugins page of the WordPress dashboard is 1.2.2 or later.