WP Fastest Cache is one of a handful of WordPress plugins meant to improve website performance. It reduces the number of database queries needed to render the site, and the related server load, by producing and maintaining a static copy of posts and pages.
Jetpack security researchers uncovered several vulnerabilities in the popular WordPress plugin WP Fastest Cache that might enable an attacker to gain full administrator rights. The findings affect over a million WordPress installations.
The researchers discovered several flaws; two of them are:
- Authenticated MySQL Injection
Through an authenticated MySQL injection, a logged-in user can gain access to administrator-level data in the system.
A MySQL injection attack targets the database that stores website data such as credentials and usernames. A successful MySQL injection attack might result in a total website takeover.
“If exploited, MySQL injection bugs can give attackers access to privileged information from the affected site’s database (such as username and hash password). This can only be exploited if the Classic Editor plugin is also installed and activated on the site,” stated The Jetpack Security Bulletin.
- Stored XSS via cross-site request forgery
XSS (cross-site scripting) flaws are rather widespread and stem from flaws in how a website validates input. If a user can submit something to the website, such as through a contact form, and the data is not sanitized, the site may be open to XSS.
Sanitization entails limiting what may be submitted to the single intended kind of input, such as text, rather than a script or command. Faulty input handling enables an attacker to insert malicious scripts, which might subsequently be used to target administrators who visit the site, for example by downloading malicious files to their browsers or intercepting their credentials.
When an attacker tricks a user, such as a logged-in administrator, into visiting a site and performing various actions, it is referred to as cross-site request forgery.
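The two defences described above, as an added example that is not from the original article or from WP Fastest Cache's code: a hypothetical plugin settings handler in PHP, shown first without and then with a nonce check and input/output sanitization. The option name, nonce action, form field and function names are invented for illustration, and the file is assumed to be loaded by WordPress as a plugin.

```php
<?php
// Hypothetical plugin code for illustration; all demo_* names are invented.
const DEMO_OPTION       = 'demo_cache_banner'; // hypothetical option name
const DEMO_NONCE_ACTION = 'demo_cache_save';   // hypothetical nonce action

// Weak form: no capability check, no nonce, raw value stored.
// A forged cross-site POST sent by a logged-in administrator's browser is
// accepted, and any markup it carries is stored and later rendered.
function demo_save_settings_weak() {
    if ( isset( $_POST['banner'] ) ) {
        update_option( DEMO_OPTION, wp_unslash( $_POST['banner'] ) );
    }
}

// Hardened form: authorization, CSRF token, then input sanitization.
function demo_save_settings_hardened() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }
    // Terminates the request unless it carries a valid nonce for this action.
    check_admin_referer( DEMO_NONCE_ACTION );

    // Strip tags and control characters before the value reaches the database.
    $banner = isset( $_POST['banner'] )
        ? sanitize_text_field( wp_unslash( $_POST['banner'] ) )
        : '';
    update_option( DEMO_OPTION, $banner );

    wp_safe_redirect( admin_url( 'options-general.php' ) );
    exit;
}

// Settings form: emits the nonce field and escapes the stored value on output,
// so a value that slipped in earlier still cannot break out of the attribute.
function demo_render_settings_form() {
    $banner = get_option( DEMO_OPTION, '' );
    echo '<form method="post" action="' . esc_url( admin_url( 'admin-post.php' ) ) . '">';
    echo '<input type="hidden" name="action" value="demo_cache_save">';
    wp_nonce_field( DEMO_NONCE_ACTION );
    echo '<input type="text" name="banner" value="' . esc_attr( $banner ) . '">';
    echo '<button type="submit">Save</button>';
    echo '</form>';
}

// Only the hardened handler is registered.
add_action( 'admin_post_demo_cache_save', 'demo_save_settings_hardened' );
```

The nonce check addresses the forged request and the sanitize/escape pair addresses the stored script; either defence alone leaves the other half of the chain open.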
Such vulnerabilities are difficult to exploit since they rely on the Classic Editor plugin being installed and the attacker having some type of user authentication. However, these flaws are still significant, and Jetpack advises that customers update their WP Fastest Cache plugins to at least version 0.95, which was released on October 14, 2021.
According to Jetpack: “If exploited, the MySQL injection bug can give attackers access to privileged information from the affected site’s database (such as username and hash password). Successful exploitation of the vulnerabilities of CSRF and Stored XSS can allow bad actors to log in to the administrator on the targeted site.”