Boletines de Vulnerabilidades

Arbitrary Directory Deletion in WP-Fastest-Cache

Información sobre el sistema
   
Software afectado Wordpress

Descripción
http://feedproxy.google.com/~r/sucuri/blog/~3/dJRlgHKTUzY/arbitrary-directory-deletion-in-wp-fastest-cache.html The WP-Fastest-Cache plugin authors released a new update, version 0.8.9.1, fixing a vulnerability (CVE-2019-6726) present during its install alongside the WP-PostRatings plugin. According to seclists.org: “A successful attack allows an unauthenticated attacker to specify a path to a directory from which files and directories will be deleted recursively. The vulnerable code path

More info:

http://feedproxy.google.com/~r/sucuri/blog/~3/dJRlgHKTUzY/arbitrary-directory-deletion-in-wp-fastest-cache.html

Identificadores estándar
Propiedad Valor
CVE CVE-2019-6726.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2019-03-20

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT