CVE-2021-24870 (GCVE-0-2021-24870)
Vulnerability from cvelistv5 – Published: 2024-01-16 15:49 – Updated: 2025-05-12 14:43
VLAI?
Title
WP Fastest Cache < 0.9.5 - CSRF to Stored Cross-Site Scripting
Summary
The WP Fastest Cache WordPress plugin before 0.9.5 is lacking a CSRF check in its wpfc_save_cdn_integration AJAX action, and does not sanitise and escape some the options available via the action, which could allow attackers to make logged in high privilege users call it and set a Cross-Site Scripting payload
Severity ?
6.1 (Medium)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | WP Fastest Cache |
Affected:
0 , < 0.9.5
(semver)
|
Credits
Marc Montpas
WPScan
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:49:13.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/48de63ab-2ef1-4469-8fc4-9346068bdf06/"
},
{
"tags": [
"x_transferred"
],
"url": "https://jetpack.com/2021/10/14/multiple-vulnerabilities-in-wp-fastest-cache-plugin/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-24870",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-12T14:40:49.250655Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-12T14:43:12.736Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"product": "WP Fastest Cache",
"vendor": "Unknown",
"versions": [
{
"lessThan": "0.9.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marc Montpas"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Fastest Cache WordPress plugin before 0.9.5 is lacking a CSRF check in its wpfc_save_cdn_integration AJAX action, and does not sanitise and escape some the options available via the action, which could allow attackers to make logged in high privilege users call it and set a Cross-Site Scripting payload"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-16T15:49:40.356Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/48de63ab-2ef1-4469-8fc4-9346068bdf06/"
},
{
"url": "https://jetpack.com/2021/10/14/multiple-vulnerabilities-in-wp-fastest-cache-plugin/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WP Fastest Cache \u003c 0.9.5 - CSRF to Stored Cross-Site Scripting",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24870",
"datePublished": "2024-01-16T15:49:40.356Z",
"dateReserved": "2021-01-14T15:03:46.807Z",
"dateUpdated": "2025-05-12T14:43:12.736Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wpfastestcache:wp_fastest_cache:*:*:*:*:*:wordpress:*:*\", \"versionEndExcluding\": \"0.9.5\", \"matchCriteriaId\": \"C5057D35-B8BB-4AC3-ADCD-F89EA6099A95\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The WP Fastest Cache WordPress plugin before 0.9.5 is lacking a CSRF check in its wpfc_save_cdn_integration AJAX action, and does not sanitise and escape some the options available via the action, which could allow attackers to make logged in high privilege users call it and set a Cross-Site Scripting payload\"}, {\"lang\": \"es\", \"value\": \"El complemento de WordPress WP Fastest Cache anterior a 0.9.5 carece de una verificaci\\u00f3n CSRF en su acci\\u00f3n AJAX wpfc_save_cdn_integration, y no sanitiza ni escapa algunas de las opciones disponibles a trav\\u00e9s de la acci\\u00f3n, lo que podr\\u00eda permitir a los atacantes hacer que los usuarios registrados con altos privilegios lo llamen y configuren un payload de cross site scripting\"}]",
"id": "CVE-2021-24870",
"lastModified": "2024-11-21T05:53:55.470",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}]}",
"published": "2024-01-16T16:15:09.153",
"references": "[{\"url\": \"https://jetpack.com/2021/10/14/multiple-vulnerabilities-in-wp-fastest-cache-plugin/\", \"source\": \"contact@wpscan.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://wpscan.com/vulnerability/48de63ab-2ef1-4469-8fc4-9346068bdf06/\", \"source\": \"contact@wpscan.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://jetpack.com/2021/10/14/multiple-vulnerabilities-in-wp-fastest-cache-plugin/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://wpscan.com/vulnerability/48de63ab-2ef1-4469-8fc4-9346068bdf06/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "contact@wpscan.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-352\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-24870\",\"sourceIdentifier\":\"contact@wpscan.com\",\"published\":\"2024-01-16T16:15:09.153\",\"lastModified\":\"2025-05-12T15:15:54.703\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The WP Fastest Cache WordPress plugin before 0.9.5 is lacking a CSRF check in its wpfc_save_cdn_integration AJAX action, and does not sanitise and escape some the options available via the action, which could allow attackers to make logged in high privilege users call it and set a Cross-Site Scripting payload\"},{\"lang\":\"es\",\"value\":\"El complemento de WordPress WP Fastest Cache anterior a 0.9.5 carece de una verificaci\u00f3n CSRF en su acci\u00f3n AJAX wpfc_save_cdn_integration, y no sanitiza ni escapa algunas de las opciones disponibles a trav\u00e9s de la acci\u00f3n, lo que podr\u00eda permitir a los atacantes hacer que los usuarios registrados con altos privilegios lo llamen y configuren un payload de cross site scripting\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wpfastestcache:wp_fastest_cache:*:*:*:*:*:wordpress:*:*\",\"versionEndExcluding\":\"0.9.5\",\"matchCriteriaId\":\"C5057D35-B8BB-4AC3-ADCD-F89EA6099A95\"}]}]}],\"references\":[{\"url\":\"https://jetpack.com/2021/10/14/multiple-vulnerabilities-in-wp-fastest-cache-plugin/\",\"source\":\"contact@wpscan.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://wpscan.com/vulnerability/48de63ab-2ef1-4469-8fc4-9346068bdf06/\",\"source\":\"contact@wpscan.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://jetpack.com/2021/10/14/multiple-vulnerabilities-in-wp-fastest-cache-plugin/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://wpscan.com/vulnerability/48de63ab-2ef1-4469-8fc4-9346068bdf06/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://wpscan.com/vulnerability/48de63ab-2ef1-4469-8fc4-9346068bdf06/\", \"tags\": [\"exploit\", \"vdb-entry\", \"technical-description\", \"x_transferred\"]}, {\"url\": \"https://jetpack.com/2021/10/14/multiple-vulnerabilities-in-wp-fastest-cache-plugin/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T19:49:13.475Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 6.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-24870\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-12T14:40:49.250655Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-12T14:41:11.561Z\"}}], \"cna\": {\"title\": \"WP Fastest Cache \u003c 0.9.5 - CSRF to Stored Cross-Site Scripting\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Marc Montpas\"}, {\"lang\": \"en\", \"type\": \"coordinator\", \"value\": \"WPScan\"}], \"affected\": [{\"vendor\": \"Unknown\", \"product\": \"WP Fastest Cache\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"0.9.5\", \"versionType\": \"semver\"}], \"collectionURL\": \"https://wordpress.org/plugins\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://wpscan.com/vulnerability/48de63ab-2ef1-4469-8fc4-9346068bdf06/\", \"tags\": [\"exploit\", \"vdb-entry\", \"technical-description\"]}, {\"url\": \"https://jetpack.com/2021/10/14/multiple-vulnerabilities-in-wp-fastest-cache-plugin/\"}], \"x_generator\": {\"engine\": \"WPScan CVE Generator\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The WP Fastest Cache WordPress plugin before 0.9.5 is lacking a CSRF check in its wpfc_save_cdn_integration AJAX action, and does not sanitise and escape some the options available via the action, which could allow attackers to make logged in high privilege users call it and set a Cross-Site Scripting payload\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-352 Cross-Site Request Forgery (CSRF)\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-79 Cross-Site Scripting (XSS)\"}]}], \"providerMetadata\": {\"orgId\": \"1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81\", \"shortName\": \"WPScan\", \"dateUpdated\": \"2024-01-16T15:49:40.356Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2021-24870\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-12T14:43:12.736Z\", \"dateReserved\": \"2021-01-14T15:03:46.807Z\", \"assignerOrgId\": \"1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81\", \"datePublished\": \"2024-01-16T15:49:40.356Z\", \"assignerShortName\": \"WPScan\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…