A popular WordPress caching plugin contains vulnerabilities that allow attackers to obtain user credentials and gain access to admin accounts. The vulnerabilities were discovered during an internal audit by Jetpack Security. The Jetpack researchers provided more technical detail in a blog post, which also includes a demonstration of the attacks.
High CVSS scores
The first flaw to be detected was an SQL injection vulnerability with a CVSS score of 7.7. It affects the website's database and could give attackers privileged information about the website, such as usernames and hashed passwords. However, this SQL injection bug can only be exploited if the website is actively using the classic-editor plugin.
The second flaw is a cross-site scripting bug that can be exploited via cross-site request forgery (CSRF) and has a CVSS score of 9.6. This high-severity bug could allow attackers to pose as admins or users without detection. The same research team also discovered that they could store “Rogue JavaScript” on the affected target.
WordPress Fastest Cache users are strongly advised to update to the latest version, 0.9.5, which includes protections against these vulnerabilities.
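To act on this advice across several sites, the following added example (not code from Jetpack's post or from the plugin) triages the JSON that WP-CLI's `wp plugin list --format=json` prints, using the 0.9.5 fix version and the classic-editor precondition described above. The plugin slug `wp-fastest-cache`, the result labels and the sample inventories are assumptions constructed for illustration.

```python
import json
import re

FIXED = (0, 9, 5)                # fixed release named in the article
CACHE_SLUG = "wp-fastest-cache"  # assumption: slug is not given on the page
EDITOR_SLUG = "classic-editor"   # precondition for the SQL injection
ACTIVE = {"active", "active-network"}

def is_patched(version):
    """Compare dotted versions numerically; unparseable input fails closed."""
    nums = tuple(int(n) for n in re.findall(r"\d+", version))
    width = max(len(nums), len(FIXED))
    pad = lambda t: t + (0,) * (width - len(t))
    return bool(nums) and pad(nums) >= pad(FIXED)

def triage(plugin_list_json):
    """Classify one site from `wp plugin list --format=json` output."""
    plugins = {p["name"]: p for p in json.loads(plugin_list_json)}
    cache = plugins.get(CACHE_SLUG)
    if cache is None:
        return ("not-installed", [])
    if is_patched(cache["version"]):
        return ("patched", [])
    if cache["status"] not in ACTIVE:
        return ("outdated-inactive", [])  # not loaded, but still needs the update
    issues = ["xss-via-csrf (CVSS 9.6)"]
    editor = plugins.get(EDITOR_SLUG)
    if editor and editor["status"] in ACTIVE:
        issues.append("sql-injection (CVSS 7.7)")
    return ("update-required", issues)

# Constructed sample inventories, one per hypothetical site.
SAMPLES = {
    "shop": '[{"name":"wp-fastest-cache","status":"active","version":"0.9.4"},'
            '{"name":"classic-editor","status":"active","version":"1.6"}]',
    "blog": '[{"name":"wp-fastest-cache","status":"active","version":"0.9.1.2"},'
            '{"name":"classic-editor","status":"inactive","version":"1.6"}]',
    "docs": '[{"name":"wp-fastest-cache","status":"active","version":"0.9.5"}]',
}

if __name__ == "__main__":
    for site, raw in SAMPLES.items():
        print(site, *triage(raw))
```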