Bug In WordPress Plugin Fastest Cache Allows Attackers To Access Website's Database

The WP Fastest Cache WordPress plugin, utilized by over a million sites to enhance page speed and user experience, is susceptible to an SQL injection flaw. This vulnerability (CVE-2023-6063, severity score 8.6) affects all versions preceding 1.2.2, allowing unauthorized attackers to potentially access the site's database. Current statistics indicate that more than 600,000 websites are still operating a vulnerable version of the plugin, posing a security risk. SQL injection vulnerabilities arise from accepting input that manipulates SQL queries, enabling the execution of arbitrary code and retrieval of sensitive information. Read more...