CVE-2015-4089

Name of the Vulnerable Software and Affected Versions WP Fastest Cache plugin versions prior to 0.8.3.5

Description The issue concerns multiple cross-site request forgery (CSRF) vulnerabilities in the optionsPageRequest function within the admin.php file of the WP Fastest Cache plugin. These vulnerabilities allow remote attackers to hijack the authentication of victims for requests that call specific methods, including saveOption, deleteCache, deleteCssAndJsCache, or addCacheTimeout, via manipulation of the wpFastestCachePage parameter in the WpFastestCacheOptions/ page.

Recommendations For WP Fastest Cache plugin versions prior to 0.8.3.5, update to version 0.8.3.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the admin.php file and the WpFastestCacheOptions/ page to minimize the risk of exploitation. Avoid using the wpFastestCachePage parameter in the affected page until the issue is resolved.