Description
WordPress Plugin WP Fastest Cache is prone to a vulnerability that lets attackers delete arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to delete arbitrary files in the context of the webserver process. WordPress Plugin WP Fastest Cache version 0.8.9.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 0.8.9.1 or latest
References
https://0day.work/cve-2019-6726-arbitrary-file-deletion-in-wp-fastest-cache-0-8-8-1/
https://plugins.svn.wordpress.org/wp-fastest-cache/trunk/readme.txt
Related Vulnerabilities
WordPress Plugin Social Sharing-Sassy Social Share Cross-Site Scripting (3.3.44)
WordPress Plugin GTM4WP Cross-Site Scripting (1.9)
PostgreSQL CVE-2023-39418 Vulnerability (CVE-2023-39418)
WordPress Plugin Leaflet 'id' Parameter Cross-Site Scripting (0.0.1)
WordPress Plugin Simple Gmail Login Stack Trace Information Disclosure (1.1.3)