WP Fastest Cache WordPress plugin vulnerabilities can lead to full site takeover and password leaks
Popular WordPress plugin WP Fastest Cache plugin was discovered by Jetpack security researchers to have multiple vulnerabilities that could allow an attacker to assume full administrator privileges. The exploits affect over a million WordPress installations.
The Authenticated SQL Injection allows a logged-in users to access administrator level information through the database.
A SQL Injection vulnerability is an attack that’s directed at the database, which is where the website elements, including passwords, are stored.
A successful SQL Injection attack could lead to a full website takeover.
More at original article: https://www.searchenginejournal.com/wp-fastest-cache-vulnerability/424278/amp/