CVE-2024-12314
HIGHDescription
The Rapid Cache plugin for WordPress is vulnerable to Cache Poisoning in all versions up to, and including, 1.2.3. This is due to plugin storing HTTP headers in the cached data. This makes it possible for unauthenticated attackers to poison the cache with custom HTTP headers that may be unsanitized which can lead to Cross-Site Scripting.
Is your site exposed to CVE-2024-12314?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| megaoptim | rapid_cache |
References
Frequently Asked Questions
What is CVE-2024-12314? +
How severe is CVE-2024-12314? +
What products are affected by CVE-2024-12314? +
How do I check if I'm vulnerable to CVE-2024-12314? +
Related Vulnerabilities
Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is a cache isolation issue affecting …
An insufficient implementation of cache vulnerability in Palo Alto Networks Prisma® Access Browser enables users to bypass certain data control …
Ghost is a Node.js content management system. From until 6.37.0, when Ghost is behind a shared caching layer that results …
The AuthKit library for Next.js provides convenient helpers for authentication and session management using WorkOS & AuthKit with Next.js. In …
Directus is a real-time API and App dashboard for managing SQL database content. Prior to 12.0.0, when response caching is …
Shopware is an open commerce platform based on Symfony Framework and Vue. The Symfony Session Handler pops the Session Cookie …