CVE-2019-13635

moderate-risk
Published 2019-07-30

The WP Fastest Cache plugin through 0.8.9.5 for WordPress allows wpFastestCache.php and inc/cache.php Directory Traversal.

Do I need to act?

~
3.3% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.1/10 Critical
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Wpfastestcache

References (12)

Third Party Advisory http://packetstormsecurity.com/files/153821/WordPress-WP-Fastest-Cache-0.8.9.5-D...
Patch https://plugins.trac.wordpress.org/changeset/2124614
Patch https://plugins.trac.wordpress.org/changeset/2124619
Mailing List https://seclists.org/bugtraq/2019/Jul/53
Release Notes https://wordpress.org/plugins/wp-fastest-cache/#developers
https://wpvulndb.com/vulnerabilities/9507
Third Party Advisory http://packetstormsecurity.com/files/153821/WordPress-WP-Fastest-Cache-0.8.9.5-D...
Patch https://plugins.trac.wordpress.org/changeset/2124614
Patch https://plugins.trac.wordpress.org/changeset/2124619
Mailing List https://seclists.org/bugtraq/2019/Jul/53
Release Notes https://wordpress.org/plugins/wp-fastest-cache/#developers
https://wpvulndb.com/vulnerabilities/9507
43
/ 100
moderate-risk
Severity 31/34 · Critical
Exploitability 7/34 · Low
Exposure 5/34 · Minimal