cleantalk
Vulnerabilities and Security Researches

WP Super Cache, CVE-2021-24209

CVE, Research URL

CVE-2021-24209

Home page URL

Security reports for WP Super Cache

Application

WP Super Cache

Published on
Apr 06, 2021
Research Description
The WP Super Cache WordPress plugin before 1.7.2 was affected by an authenticated (admin+) RCE in the settings page due to input validation failure and weak $cache_path check in the WP Super Cache Settings -> Cache Location option. Direct access to the wp-cache-config.php file is not prohibited, so this vulnerability can be exploited for a web shell injection.
Affected versions
Min -, max 1.7.2.
Status
vulnerable
Previous vulnerability researches
WP Super Cache , Dec 20, 2024
WP Super Cache (CVE-2021-24209) , Jun 06, 2024
WP Super Cache (CVE-2013-2009) , Jun 06, 2024
WP Super Cache (CVE-2013-2011) , Jun 06, 2024
WP Super Cache (CVE-2021-24329) , Jun 06, 2024
New vulnerability
Melapress File Monitor (CVE-2025-3702) , Jul 09, 2025
Widget for Google Reviews (CVE-2025-7327) , Jul 09, 2025
Lightbox & Modal Popup WordPress Plugin – FooBox (CVE-2025-5537) , Jul 09, 2025
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders (CVE-2025-6244) , Jul 09, 2025
AI Engine (CVE-2025-5570) , Jul 09, 2025