WordPress Plugin Vulnerabilities

WP-Super-Cache 1.3 - Remote Code Execution

Description

The WP Super Cache WordPress plugin was affected by a Remote Code Execution security vulnerability.

Affects Plugins

Plugin icon
wp-super-cache
Fixed in 1.3.2

References

CVE
CVE-2013-2011
CVE
CVE-2013-2009
URL
https://blog.sucuri.net/2013/04/update-wp-super-cache-and-w3tc-immediately-remote-code-execution-vulnerability-disclosed.html

Classification

Type
RCE
OWASP top 10
A1: Injection
CWE
CWE-94
CVSS
8.8 (high)

Miscellaneous

Verified
No
WPVDB ID
eb7d1384-a508-4181-b88c-cbd574506713

Timeline

Publicly Published
2014-08-01 (about 9 years ago)
Added
2014-08-01 (about 9 years ago)
Last Updated
2020-09-22 (about 3 years ago)

Other

Published
Title
Published
2024-02-14
Title
Bricks < 1.9.6.1 - Unauthenticated Remote Code Execution
Published
2023-09-26
Title
Ni Purchase Order(PO) For WooCommerce < 1.2.2 - Admin+ File Upload to Remote Code Execution
Published
2022-02-03
Title
Ad Inserter < 2.7.11 - Admin+ RCE / Stored XSS
Published
2020-01-21
Title
AccessAlly < 3.3.2 - Unauthenticated Arbitrary PHP Code Execution
Published
2024-03-13
Title
Multiple Page Generator Plugin – MPG < 3.4.1 - Authenticated (Editor+) Remote Code Execution