WP Fastest Cache Plugin Exposes Over 600K+ WordPress Sites

In a recent development, the WPScan team has unearthed a significant security flaw within the widely-used WP Fastest Cache plugin. 

This vulnerability, categorized as an unauthenticated SQL injection, could potentially grant unauthorized access to sensitive data in the WordPress database.

The vulnerability, identified as CVE-2023-6063, affects versions of WP Fastest Cache lower than 1.2.2. 

Upon making this discovery during an internal review, the team at WPScan acted swiftly to inform the plugin’s development team. 

In response, the developers promptly released version 1.2.2 to address and rectify the issue.

Examining the vulnerability

The crux of the vulnerability lies in the

 
Cartoonish image of a PC with a vulnerability.

WP Fastest Cache, a WordPress plugin currently in use by over 1 million users that assists in more efficiently delivering their websites, is addressing a security issue with its 1.2.2 release. This update addresses an SQL injection vulnerability found during an internal review by the WPScan team. The vulnerability made it possible for an unauthenticated attacker to access the entirety of a WordPress database with timebased blind SQL injection payload.

The WP Fastest Cache development team was immediately alerted to this vulnerability by WPScan, which lead to the 1.2.2 update that contains the fix for this issue. It’s

 



CNN
 — 

False claims that President Joe Biden fell asleep during a moment of silence for victims of the Maui wildfire. A conspiracy theory that the latest surge in Covid-19 cases is being orchestrated by the Democratic Party ahead of the election. An obituary for a late NBA player that described him as “useless.”

These false and bizarre stories aren’t showing up on some far-flung corner of the internet — they’re being published by Microsoft. The company’s homepage, also known as MSN.com and Microsoft Start, remains one of the world’s most trafficked websites and a place where millions of Americans

 

A Chinese flag flies outside a residential compound in Beijing on April 30, 2017.

Greg Baker | Afp | Getty Images

Chinese companies have gained ground in global patent holdings in the cybersecurity technology sector amid growing U.S.-China tensions, according to a report from Nikkei Asia on Sunday.

Chinese firms such as Huawei and Tencent accounted for six of the top 10 global patent holdings in the cybersecurity technology sector as of August, based on data compiled by Nikkei in cooperation with U.S. information services provider LexisNexis. The data took into account patents registered across 95 countries and regions.

The

 

Last summer, we launched Shopify Editions, a twice-annual update on all the products that have launched in the previous half year. Today, we’re releasing our Winter ‘23 Edition, full of products to help speed up your development process and further customize your commerce builds.

In this article, we break down the developer announcements included in the newest release. To get the full scoop on all the products impacting Shopify developers, head over to the Build With Us solution on the Shopify Editions website. 

Go to Build With Us

Stand out with the Built for Shopify program

Developer Highlights From our Winter ’23 Edition (2023)

Introducing the next phase

 

Shopify is always looking for ways to make it easier for merchants to find the right apps for their business, and that includes making sure that searching the Shopify App Store serves up the most relevant and useful results possible.

While we never stop making improvements behind the scenes, we wanted to let you know about some notable search updates shipping this week that may impact where your app shows up in search rankings and how much traffic your app listing gets.

 

About

muryou-erogazou.net provide by The top global media Technology, Gadget, Website, SEO, Internet Marketing,Digital marketing.