High severity8.0NVD Advisory· Published Oct 16, 2024· Updated Apr 8, 2026
CVE-2020-36836
CVE-2020-36836
Description
The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized arbitrary file deletion in versions up to, and including, 0.9.0.2 due to a lack of capability checking and insufficient path validation. This makes it possible for authenticated users with minimal permissions to delete arbitrary files from the server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:wpfastestcache:wp_fastest_cache:*:*:*:*:*:wordpress:*:*+ 1 more
- cpe:2.3:a:wpfastestcache:wp_fastest_cache:*:*:*:*:*:wordpress:*:*range: <0.9.0.3
- (no CPE)range: <=0.9.0.2
Patches
Vulnerability mechanics
References
3- plugins.trac.wordpress.org/changeset/2235160/wp-fastest-cachenvdPatch
- wearetradecraft.com/advisories/tc-2020-0001/nvdExploitThird Party Advisory
- www.wordfence.com/threat-intel/vulnerabilities/id/82f80916-37ab-4c5a-9787-2544c620acacnvdThird Party Advisory
News mentions
0No linked articles in our index yet.