Skip to main content

WordPress WP Super Cache Plugin PHP Code Execution Vulnerability

Last Update Date: 26 Apr 2013 14:46 Release Date: 26 Apr 2013 4412 Views

RISK: Medium Risk

TYPE: Servers - Web Servers

TYPE: Web Servers

A vulnerability has been identified in the WP Super Cache plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

 
The vulnerability is caused due to the plugin not properly sanitising certain tags and can be exploited to insert and execute arbitrary PHP code via e.g. mfunc and mclude tags within comments.

Impact

  • Remote Code Execution

System / Technologies affected

  • WordPress WP Super Cache Plugin 1.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 1.3.2.

Vulnerability Identifier


Source


Related Link