What is CVE-2023-1928?

CVE-2023-1928 is a medium-severity vulnerability in the WP Fastest Cache plugin for WordPress (versions up to 1.1.2). This vulnerability allows authenticated attackers with subscriber-level access to modify data without proper authorization.

Who is impacted by CVE-2023-1928?

Users of the WP Fastest Cache plugin for WordPress (versions up to 1.1.2) are affected. Authenticated attackers with subscriber-level access can exploit this vulnerability to initiate cache creation without proper authorization.

What to do if CVE-2023-1928 affected you

If you're affected by the CVE-2023-1928 vulnerability, it's important to take action to secure your WordPress website. Follow these simple steps:

1. Update the WP Fastest Cache plugin to version 1.1.3 or a newer patched version.

2. Regularly check for and install updates for all your WordPress plugins.

3. Follow best security practices for maintaining your WordPress website.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-1928 vulnerability in the WP Fastest Cache plugin for WordPress is not listed in CISA's Known Exploited Vulnerabilities Catalog. This security issue allows attackers with subscriber-level access to initiate cache creation without proper authorization in plugin versions up to and including 1.1.2. To address this vulnerability, update the plugin to version 1.1.3 or higher.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-862, which refers to a missing authorization issue in the WP Fastest Cache plugin for WordPress.

Learn More

For a comprehensive understanding of this vulnerability, visit the NVD page or refer to the sources below.

• WordPress Development Changeset

• Wordfence Vulnerability Report

• CVE Record