WordPress Cache Images plugin <= 3.1 - Authenticated SQL Injection (SQLi) vulnerability
PSID
13e2157cbc1b
CVE ID
N/A
Classification
SQL Injection
OWASP Top 10
A1: Injection
Required privilege
Requires subscriber or higher role user authentication.
Credits
N/A
Publicly disclosed
2022-06-17
Patchstack vPatch available since
09.12.2021
Details
Authenticated SQL Injection (SQLi) vulnerability discovered in WordPress Cache Images plugin (versions <= 3.1).
Solution
Update the WordPress Cache Images plugin to the latest available version (at least 3.2).
References
Changeset