The WP Fastest Cache plugin, which optimizes the loading times of WordPress websites, was open to cross-site scripting (XSS) and SQL injection attacks. An update is available for the more than one million users of the cache plugin: WP Fastest Cache 0.9.5 eliminates the security problems that exist in all previous versions.
If you haven’t updated the plugin yet, you should do so as soon as possible. The discoverers of the vulnerabilities rate the security risk as “high” to “critical”. The secured version is available on the WP Fastest Cache download site.
A blog entry from the company Jetpack gives details of the two vulnerabilities, which strangely share the same CVE ID (CVE-2021-24869) but have different descriptions and CVSS scores (7.7 / “High” and 9.6 / “Critical”).
The score of 7.7 relates to an SQL injection possibility, which, however, exists only under certain conditions: the attacker must be logged in as a “normal” user, and the “Classic Editor” plugin must also be installed in the attacked WP installation. If these prerequisites are met, it is conceivable that sensitive data such as user names in combination with password hashes can be accessed.
The attack possibility rated 9.6 exists without such restrictions but requires user interaction with the website: in the course of a so-called cross-site request forgery attack, it is possible to carry out arbitrary actions with the rights of the administrator who was logged in during the attack. In addition, the attacker could permanently smuggle malicious code into the website in question, which could later be used for “Stored XSS” attacks, for example.
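A defender-side check for the situation described above, as an added example that is not from the article, Jetpack or the plugin's authors: it reads the plugin header comments under a WordPress plugins directory, flags WP Fastest Cache below 0.9.5, and notes whether Classic Editor (the SQL injection prerequisite) is also present. The header names "WP Fastest Cache" and "Classic Editor" and the default path `wp-content/plugins` are assumptions.

```python
import re
import sys
from pathlib import Path

FIXED = (0, 9, 5)  # first fixed release, per the article
# Header lines as they appear in the comment block of a plugin's main PHP file.
HEADER = re.compile(r"^[ \t/*#@]*(Plugin Name|Version):[ \t]*(.+?)[ \t\r]*$",
                    re.I | re.M)

def plugin_headers(php_file):
    """Return the header fields found in the first 8 KiB of a PHP file."""
    with open(php_file, errors="replace") as fh:
        head = fh.read(8192)
    return {key.lower(): value for key, value in HEADER.findall(head)}

def parse_version(text):
    """'0.9.4' -> (0, 9, 4); non-numeric parts are ignored."""
    return tuple(int(n) for n in re.findall(r"\d+", text))

def audit(plugins_dir):
    """Report on WP Fastest Cache and Classic Editor under a plugins directory."""
    versions = {}
    for php in sorted(Path(plugins_dir).glob("*/*.php")):
        fields = plugin_headers(php)
        if "plugin name" in fields and "version" in fields:
            # Assumed header names: "WP Fastest Cache", "Classic Editor".
            versions[fields["plugin name"].lower()] = fields["version"]
    installed = versions.get("wp fastest cache")
    vulnerable = installed is not None and parse_version(installed) < FIXED
    classic = "classic editor" in versions
    return {
        "installed": installed,
        "vulnerable": vulnerable,  # CSRF / stored XSS issue applies
        "sqli_precondition": vulnerable and classic,  # SQLi also needs Classic Editor
    }

if __name__ == "__main__":
    # Assumed default path, relative to the WordPress root.
    result = audit(sys.argv[1] if len(sys.argv) > 1 else "wp-content/plugins")
    print(result)
    sys.exit(1 if result["vulnerable"] else 0)
```

The script exits with status 1 when a version below 0.9.5 is found, so it can be used in a scheduled job across several sites.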