Lord777
A recent vulnerability gives hackers access to sensitive databases.
The popular WordPress plugin for speeding up page loading, WP Fastest Cache, contains a SQL Injection vulnerability that allows unauthorized attackers to gain access to the content of the site's database.
Download statistics from WordPress.org show that the plugin is used on a total of more than a million sites, while vulnerable versions are installed on more than 600 thousand.
Automattic's WPScan team has revealed details of CVE-2023-6063 in a detailed report. The degree of vulnerability risk, however, is estimated by various researchers from 6.1 points to 9.8 points on the CVSS scale. The flaw affects all versions of the plugin up to 1.2.2.
SQL injection vulnerabilities occur when software accepts input data that directly manipulates SQL queries, which leads to the execution of arbitrary code.
In the case of CVE-2023-6063, the "is_user_admin" function of the "WpFastestCacheCreateCache" class is vulnerable. It is designed to check whether the user is an administrator by extracting the "$username" value from cookies.
Since "$username" is not checked in this case, an attacker can manipulate this value to modify the plugin's SQL query and gain unauthorized access to the database.
WordPress databases usually contain sensitive information about users, account passwords, plugin settings, themes, and other data necessary for the site to work.
On November 27, 2023, WPScan will publish a PoC exploit for CVE-2023-6063, although it is not difficult to exploit the vulnerability without it.
The developer of WP Fastest Cache released a fix in version 1.2.2, which became available just a couple of days ago. All users of the plugin are advised to update to the latest version as soon as possible to avoid the potential risk of compromise.
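The post describes the bug as a cookie-derived username flowing unchecked into a SQL query. The following is an added example, not the plugin's own code and not the WPScan report: a constructed sketch of that pattern in WordPress plugin PHP, placed next to the parameterised form that `$wpdb->prepare()` provides. The function names (`my_cache_*`) and the cookie parsing are hypothetical; only the WordPress APIs (`$wpdb->prepare`, `$wpdb->get_var`, `user_can`, `current_user_can`) are real.

```php
<?php
// Added example (not WP Fastest Cache code). Function names prefixed my_cache_
// are hypothetical and exist only to illustrate the pattern described above.

// Hypothetical helper: pull the username out of the WordPress login cookie.
// WordPress auth cookies are "username|expiration|token|hmac"; note that the
// value is fully attacker-controlled, because any client can send any cookie.
function my_cache_username_from_cookie() {
    foreach ( $_COOKIE as $name => $value ) {
        if ( 0 === strpos( $name, 'wordpress_logged_in_' ) ) {
            $parts = explode( '|', (string) $value );
            return $parts[0];
        }
    }
    return '';
}

// VULNERABLE pattern: the cookie value is interpolated straight into the SQL
// string, so whatever the client puts in the cookie becomes part of the query.
// This is the class of defect the post describes; do not ship code like this.
function my_cache_is_user_admin_vulnerable() {
    global $wpdb;
    $username = my_cache_username_from_cookie();
    $sql      = "SELECT ID FROM {$wpdb->users} WHERE user_login = '$username' LIMIT 1";
    $user_id  = $wpdb->get_var( $sql );
    return $user_id ? user_can( (int) $user_id, 'manage_options' ) : false;
}

// HARDENED form: the value is bound as a %s placeholder via $wpdb->prepare(),
// so it is only ever compared as data and cannot change the query structure.
function my_cache_is_user_admin_safe() {
    global $wpdb;
    $username = my_cache_username_from_cookie();
    if ( '' === $username ) {
        return false;
    }
    $sql = $wpdb->prepare(
        "SELECT ID FROM {$wpdb->users} WHERE user_login = %s LIMIT 1",
        $username
    );
    $user_id = $wpdb->get_var( $sql );
    return $user_id ? user_can( (int) $user_id, 'manage_options' ) : false;
}

// Preferred form when WordPress has already authenticated the request:
// let core validate the cookie's HMAC and expiry instead of trusting the
// username field, and ask the capability system directly.
function my_cache_is_user_admin_via_core() {
    return is_user_logged_in() && current_user_can( 'manage_options' );
}
```

The detection and review point for defenders: any `$wpdb->get_var()` / `$wpdb->get_results()` call whose query string is built with string interpolation or concatenation from `$_COOKIE`, `$_GET`, `$_POST` or `$_SERVER` data is the pattern to grep for in plugin code; the fix is always a placeholder bound through `$wpdb->prepare()`, and where the check is about identity rather than caching, core's `current_user_can()` removes the need to parse the cookie at all.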