WordPress Plugin Vulnerability Report – SpeedyCache – Missing Authorization via speedycache_create_test_cache
Plugin Name: SpeedyCache
Key Information:
- Software Type: Plugin
- Software Slug: speedycache
- Software Status: Active
- Software Author: softaculous
- Software Downloads: 746,740
- Active Installs: 100,000
- Last Updated: December 1, 2023
- Patched Versions: 1.1.3
- Affected Versions: <= 1.1.2
Vulnerability Details:
- Name: SpeedyCache <= 1.1.2 - Missing Authorization via speedycache_create_test_cache
- Title: Missing Authorization via speedycache_create_test_cache
- Type: Missing Authorization
- CVSS Score: 4.3 (Medium)
- Publicly Published: December 1, 2023
- Description: The SpeedyCache – Cache, Optimization, Performance plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the speedycache_create_test_cache function in all versions up to, and including, 1.1.2. This makes it possible for authenticated attackers with subscriber-level access or higher to create a sample cache.
Summary:
The SpeedyCache plugin for WordPress has a vulnerability in versions up to and including 1.1.2 that allows authenticated users with subscriber access or higher to create sample caches without authorization, due to a missing capability check in the speedycache_create_test_cache function. This vulnerability has been patched in version 1.1.3.
Detailed Overview:
Researchers disclosed on December 1, 2023 that the popular SpeedyCache plugin, which optimizes caching and performance of WordPress sites, contains an authorization vulnerability. In affected versions, the speedycache_create_test_cache function fails to check user capabilities before executing code that creates a sample cache. As a result, any authenticated user with subscriber access or higher could create test caches for malicious purposes. This could lead to denial of service or other impacts from cache manipulation. The vulnerability is fixed as of version 1.1.3, which properly checks capabilities on this function. Site owners should update as soon as possible to prevent potential exploitation of this issue from logged-in users.
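The bug class described above, as an added illustration that is not SpeedyCache's own code: a hypothetical WordPress admin-ajax handler that builds a test cache, first with no authorization check (so any logged-in user who can reach wp_ajax_* can call it) and then hardened with a nonce and an explicit capability check. All function, action and nonce names here are assumptions.

```php
<?php
// Hypothetical example (not SpeedyCache code). wp_ajax_{action} hooks are
// reachable by every authenticated user, including subscribers, so the
// handler itself must decide who is allowed to run it.

function example_build_sample_cache() {
    // Assumed helper: writes a placeholder page into the cache directory.
    $dir = WP_CONTENT_DIR . '/cache/example/';
    wp_mkdir_p( $dir );
    file_put_contents( $dir . 'index.html', '<!-- sample cache -->' );
}

// BEFORE: the handler assumes only administrators call it. Nothing here
// verifies the caller's capability, which is the missing-authorization
// pattern the advisory describes.
function example_create_test_cache_vulnerable() {
    example_build_sample_cache();
    wp_send_json_success( 'test cache created' );
}
add_action( 'wp_ajax_example_create_test_cache_old',
            'example_create_test_cache_vulnerable' );

// AFTER: reject the request before doing any work unless it carries a valid
// nonce (protects against cross-site request forgery) AND the current user
// holds an administrative capability (protects against low-privilege users).
// The nonce is issued to the admin page with wp_create_nonce( 'example_test_cache' ).
function example_create_test_cache_fixed() {
    check_ajax_referer( 'example_test_cache', 'nonce' );

    if ( ! current_user_can( 'manage_options' ) ) {
        // Sends {"success":false,...} with HTTP 403 and exits.
        wp_send_json_error( 'insufficient privileges', 403 );
    }

    example_build_sample_cache();
    wp_send_json_success( 'test cache created' );
}
add_action( 'wp_ajax_example_create_test_cache',
            'example_create_test_cache_fixed' );
```

Failed checks surface in the web server access log as 403 responses to admin-ajax.php, which gives a defender a simple signal to watch for after patching.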
Advice for Users:
- Immediate Action: Update to version 1.1.3 or later to patch this vulnerability.
- Check for Signs of Vulnerability: Review your SpeedyCache logs for any unauthorized cache creations.
- Alternate Plugins: Consider alternate caching plugins like WP Rocket or WP Fastest Cache as a precaution.
- Stay Updated: Always keep plugins updated, especially ones that manage security-sensitive functionality like caches.
Conclusion:
The prompt patch from the SpeedyCache developers addresses this vulnerability, which could have enabled denial-of-service attacks or other issues. Users should apply version 1.1.3 immediately to prevent exploitation by authenticated users. Regular plugin updates remain crucial for security.
References:
https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/speedycache
Detailed Report:
Keeping your website secure should be a top priority - but it's not always easy, especially when vulnerabilities are found in popular plugins. That's why the recently disclosed authorization vulnerability in versions of the SpeedyCache WordPress plugin is so concerning. This caching and performance optimization plugin is active on over 100,000 WordPress sites.
SpeedyCache has been downloaded over 740,000 times from the WordPress repository. It is developed by softaculous and improves site speed by setting up caches to serve pages faster.
Unfortunately, researchers recently disclosed that versions up to and including 1.1.2 contain an authorization vulnerability. The speedycache_create_test_cache function fails to check user capabilities, allowing authenticated users with only subscriber access to create test caches. Attackers could leverage this to create unnecessary caches that overwhelm resources and cause denial-of-service impacts.
While a denial-of-service attack may not lead to data theft, it can still effectively shut down your site and prevent legitimate access. This causes loss of business, productivity, and trust.
The good news is that SpeedyCache version 1.1.3 fixes this vulnerability by adding proper capability checks. If you are running an older version, you should update immediately.
This is not the first vulnerability found in SpeedyCache recently. Version 1.1.1 patched a critical authenticated SQL injection flaw disclosed in October. Several cross-site scripting issues were also addressed earlier in 2023.
Staying on top of security and updates for WordPress plugins is challenging, especially for small business owners without large IT teams. But ignoring warnings can lead to big problems down the road. We highly recommend making it company policy to update WordPress, themes, and plugins regularly, especially when security issues are reported. For SpeedyCache specifically, move to version 1.1.3 or higher right away.
As a business owner, you don't have time to constantly monitor for WordPress vulnerabilities like this. At Your WP Guy, we become your outsourced IT team to handle security, updates, maintenance and support. Let us fully audit your site and plugins to assess any impact from this issue. We'll update everything to patched versions so you can rest easy knowing your site is locked down.
Focus on your business goals while we focus on your WordPress site's security. Chat with us anytime during business hours, schedule a call or call 678-995-5169 for a free consultation on securing your online presence.