CVE-2023-6598

Summary

CVE-2023-6598 is a vulnerability affecting the SpeedyCache plugin for WordPress. This issue allows authenticated attackers, with subscriber-level access and above, to manipulate plugin options due to a missing capability check on the speedycache_save_varniship, speedycache_img_update_settings, speedycache_preloading_add_settings, and speedycache_preloading_delete_resource functions, present in all versions up to and including 1.1.3. As a result, unauthorized modifications to data can occur. WordPress users are encouraged to update their plugin to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.