WP Fastest Cache Plugin Bug Exposes 600K WordPress Sites to Attacks
The WordPress plugin WP Fastest Cache has been found to have a vulnerability that allows unauthenticated attackers to access the site's database. The SQL injection vulnerability, tracked as CVE-2023-6063 and with a high-severity score of 8.6, can be exploited by manipulating a cookie value to execute unauthorized SQL queries. Over 600,000 websites are still running a vulnerable version of the plugin, but a fix has been released in version 1.2.2. Users are advised to update to the latest version to protect their sites.