Injection vulnerabilities in popular WordPress plugin could expose credentials, allow admin access

Fastest Cache is used by more than one million people

Vulnerabilities in a popular WordPress plugin Fastest Cache could allow an attacker to gain access to credentials and takeover an admin account.

The security flaws in the extension, which has more than one million active downloads, were discovered during an internal audit of the software by Jetpack Security.

The first flaw, an SQL injection vulnerability which has a CVSS score of 7.7, could grant attackers access to privileged information from an affected site’s database, for example usernames…


More Info

About mblog.my

Check Also

New Prototype Runs WordPress in the Browser with No PHP Server – WP Tavern

Automattic-sponsored core contributor Adam Zielinski published a demo today of WordPress running in the browser …

Leave a Reply

Your email address will not be published. Required fields are marked *