cleantalk
Vulnerabilities and Security Researches

WP Super Cache, CVE-2021-24312

CVE, Research URL

CVE-2021-24312

Home page URL

Security reports for WP Super Cache

Application

WP Super Cache

Published on
Jun 01, 2021
Research Description
The parameters $cache_path, $wp_cache_debug_ip, $wp_super_cache_front_page_text, $cache_scheduled_time, $cached_direct_pages used in the settings of WP Super Cache WordPress plugin before 1.7.3 result in RCE because they allow input of '$' and '\n'. This is due to an incomplete fix of CVE-2021-24209.
Affected versions
Min -, max 1.7.3.
Status
vulnerable
Previous vulnerability researches
WP Super Cache , Dec 20, 2024
WP Super Cache (CVE-2021-24209) , Jun 06, 2024
WP Super Cache (CVE-2013-2009) , Jun 06, 2024
WP Super Cache (CVE-2013-2011) , Jun 06, 2024
WP Super Cache (CVE-2021-24329) , Jun 06, 2024
New vulnerability
Melapress File Monitor (CVE-2025-3702) , Jul 09, 2025
Widget for Google Reviews (CVE-2025-7327) , Jul 09, 2025
Lightbox & Modal Popup WordPress Plugin – FooBox (CVE-2025-5537) , Jul 09, 2025
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders (CVE-2025-6244) , Jul 09, 2025
AI Engine (CVE-2025-5570) , Jul 09, 2025