In a recent development, the WPScan team has unearthed a significant security flaw within the widely-used WP Fastest Cache plugin.
This vulnerability, categorized as an unauthenticated SQL injection, could potentially grant unauthorized access to sensitive data in the WordPress database.
The vulnerability, identified as CVE-2023-6063, affects versions of WP Fastest Cache lower than 1.2.2.
Upon making this discovery during an internal review, the team at WPScan acted swiftly to inform the plugin’s development team.
In response, the developers promptly released version 1.2.2 to address and rectify the issue.
Examining the vulnerability
The crux of the vulnerability lies in the