CVE-2021-24209

The WP Super Cache WordPress plugin before 1.7.2 was affected by an authenticated (admin+) RCE in the settings page due to input validation failure and weak $cache_path check in the WP Super Cache Settings -> Cache Location option. Direct access to the wp-cache-config.php file is not prohibited, so this vulnerability can be exploited for a web shell injection.

Published: Apr 5, 2021
Updated: Aug 25, 2024
CVE: CVE-2021-24209
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.2
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9
AV:N/AC:L/Au:S/C:C/I:C/A:C

CWEs:

CWE-94
CWE-20

Affected Software
References

Software	From	Fixed in
automattic / wp_super_cache	-	1.7.2
WP Super Cache	-	1.7.2

https://m0ze.ru/vulnerability/[2021-03-13]-[WordPress]-[CWE-94]-WP-Super-Cache-WordPress-Plugin-v1.7.1.txt
https://plugins.trac.wordpress.org/changeset/2496238/wp-super-cache
https://wpscan.com/vulnerability/733d8a02-0d44-4b78-bbb2-37e447acd2f3

Vulnerability Database

290,020

CVE-2021-24209