WP Clinic
Log in Sign up

PLUGIN SECURITY

Is Wp Fastest Cache safe?

Known vulnerabilities, PHP compatibility and safer alternatives for the Wp Fastest Cache WordPress plugin — checked against WP Clinic's local security database.

Plugin details

  • Slug: wp-fastest-cache
  • Max supported PHP (analyzed): 8.4

Known vulnerabilities

  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.9.1.7 [CVE-2021-20714, WordPress plugin "WP Fastest Cache" vulnerable to directory traversal, WordPress WP Fastest Cache plugin <= 0.9.1.6 - Authenticated Arbitrary File Deletion via Path Traversal vulnerability, WP Fastest Cache <= 0.9.1.6 - Authenticated (Admin+) Directory Traversal to Arbitrary File Deletion, WP Fastest Cache &lt; 0.9.1.7 - Authenticated Arbitrary File Deletion via Path Traversal, EUVD-2021-8129]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.8.4.9 [CVE-2015-9316, WP Fastest Cache < 0.8.4.9 - SQL Injection, WP Fastest Cache &lt;= 0.8.4.8 - Blind SQL Injection]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.8.9.6 [CVE-2019-13635, WordPress WP Fastest Cache plugin <= 0.8.9.5 - Directory Traversal vulnerability, WP Fastest Cache <= 0.8.9.5 - Directory Traversal, WP Fastest Cache &lt;= 0.8.9.5 - Directory Traversal]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.8.9.1 [CVE-2019-6726, WordPress WP Fastest Cache plugin <= 0.8.9.0 - Unauthenticated Arbitrary File Deletion vulnerability, WP Fastest Cache <= 0.8.9.0 - Directory Traversal to Arbitrary File Deletion, WP Fastest Cache &lt;= 0.8.9.0 - Unauthenticated Arbitrary File Deletion]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.8.8.6 [CVE-2018-17583, WP Fastest Cache <= 0.8.8.5 - Cross-Site Scripting via the rules[0][content] parameter in a wpfc_save_exclude_pages action]
+ 43 more known vulnerabilities
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.8.8.6 [CVE-2018-17584, WP Fastest Cache <= 0.8.8.5 - Cross-Site Request Forgery via page to wpfastestcacheoptions]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.8.8.6 [CVE-2018-17586, WP Fastest Cache <= 0.8.8.5 - Cross-Site Scripting via rules[0][content] parameter, WP Fastest Cache &lt;= 0.8.8.5 - CSRF and multiple XSS]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.8.8.6 [CVE-2018-17585, WP Fastest Cache <= 0.8.8.5 - Cross-Site Scripting via wpFastestCachePage options, wpFastestCachePreload_number or wpFastestCacheLanguage parameter]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.8.3.5 [CVE-2015-4089, WP Fastest Cache < 0.8.3.5 - Multiple Cross-Site Request Forgery, WP Fastest Cache &lt; 0.8.3.5 - Multiple CSRF]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.9.5 [WordPress WP Fastest Cache plugin <= 0.9.4 - Authenticated SQL Injection (SQLi) vulnerability]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.9.5 [WordPress WP Fastest Cache plugin <= 0.9.4 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.9.0.3 [WordPress WP Fastest Cache plugin <= 0.9.0.2 - Cross-Site Request Forgery (CSRF) vulnerability]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.8.7.5 [WordPress WP Fastest Cache plugin <=0.8.7.4 - Blind SQL Injection (SQLi) vulnerability]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.5.5.9 [WordPress WP Fastest Cache plugin <= 0.8.5.8 - Cross-Site Request Forgery (CSRF)/Cross-Site Scripting (XSS) Vulnerabilities]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.8.6.0 [WordPress Fastest Cache Plugin <= 0.8.5.9 - Local File Inclusion]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.8.5.8 [WordPress Fastest Cache Plugin <= 0.8.5.7 - Local File Inclusion]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.8.4.9 [WordPress WP Fastest Cache Plugin 0.8.4.8 - Blind SQL Injection]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.9.5 [CVE-2021-24870, WP Fastest Cache < 0.9.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting, WP Fastest Cache &lt; 0.9.5 - CSRF to Stored Cross-Site Scripting]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.9.5 [CVE-2021-24869, WP Fastest Cache < 0.9.5 - Authenticated (Subscriber+) SQL Injection, WP Fastest Cache &lt; 0.9.5 - Subscriber+ SQL Injection]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.9.0.3 [WP Fastest Cache <= 0.9.0.2 - Authenticated (Subscriber+) Arbitrary File Deletion]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.8.7.5 [WP Fastest Cache <= 0.8.7.4 - SQL Injection]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.8.6.0 [WP Fastest Cache <= 0.8.5.9 - Local File Inclusion]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.8.5.8 [WP Fastest Cache <= 0.8.5.7 - Local File Inclusion]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.8.5.8 [WP Fastest Cache <= 0.8.5.7 - Missing Authorization]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 1.1.3 [CVE-2023-1930, WP Fastest Cache <= 1.1.2 - Missing Authorization in 'wpfc_clear_cache_of_allsites_callback']
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 1.1.3 [CVE-2023-1925, WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_clear_cache_of_allsites_callback']
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 1.1.3 [CVE-2023-1922, WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_pause_cdn_integration_ajax_request_callback']
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 1.1.3 [CVE-2023-1923, WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_remove_cdn_integration_ajax_request_callback']
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 1.1.3 [CVE-2023-1921, WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_start_cdn_integration_ajax_request_callback']
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 1.1.3 [CVE-2023-1929, WP Fastest Cache <= 1.1.2 - Missing Authorization in 'wpfc_purgecache_varnish_callback']
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 1.1.3 [CVE-2023-1924, WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_toolbar_save_settings_callback']
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 1.1.3 [CVE-2023-1927, WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'deleteCssAndJsCacheToolbar', WP Fatest Cache &lt; 1.1.3 - Multiple CSRF]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 1.1.3 [CVE-2023-1931, WordPress WP Fastest Cache Plugin <= 1.1.2 is vulnerable to Broken Access Control, WP Fastest Cache <= 1.1.2 - Missing Authorization in 'deleteCssAndJsCacheToolbar']
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 1.1.3 [CVE-2023-1928, WP Fastest Cache <= 1.1.2 - Missing Authorization in 'wpfc_preload_single_callback']
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 1.1.3 [CVE-2023-1926, WordPress WP Fastest Cache Plugin <= 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF), WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'deleteCacheToolbar']
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 1.1.3 [CVE-2023-1920, WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_purgecache_varnish_callback']
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 1.1.3 [CVE-2023-1919, WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_preload_single_save_settings_callback']
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 1.1.3 [CVE-2023-1918, WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_preload_single_callback']
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 1.1.5 [CVE-2023-1938, WordPress WP Fastest Cache Plugin < 1.1.5 is vulnerable to Server Side Request Forgery (SSRF), WP Fastest Cache <= 1.1.4 - Authenticated(Administrator+) Blind Server Side Request Forgery via check_url, WP Fatest Cache &lt; 1.1.5 - Blind SSRF via CSRF]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 1.1.3 [CVE-2023-1375, WP Fastest Cache <= 1.1.2 - Missing Authorization to Cache Deletion]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.8.7.5 [WP Fastest Cache &lt;= 0.8.7.4 - Blind SQL Injection]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.8.5.9 [WP Fastest Cache &lt;= 0.8.5.9 - Local File Inclusion (LFI)]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.8.5.8 [WP Fastest Cache &lt;= 0.8.5.7 - Local File Inclusion (LFI)]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.9.0.3 [WP Fastest Cache &lt; 0.9.0.3 - Cross-Site Request Forgery (CSRF) Arbitrary File Deletion]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 1.2.2 [CVE-2023-6063, WP Fastest Cache <= 1.2.1 - Unauthenticated SQL Injection, WordPress WP Fastest Cache Plugin < 1.2.2 is vulnerable to SQL Injection, WP Fastest Cache &lt; 1.2.2 - Unauthenticated SQL Injection]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 1.2.7 [CVE-2024-4347, WP Fastest Cache <= 1.2.6 - Authenticated (Administrator+) Arbitrary File Deletion, WordPress WP Fastest Cache Plugin <= 1.2.6 is vulnerable to Arbitrary File Deletion]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 0.9.0.3 [CVE-2020-36836]
  • WP Fastest Cache &#8211; WordPress Cache Plugin [wp-fastest-cache] < 1.4.1 [CVE-2025-10476, WP Fastest Cache <= 1.4.0 - Missing Authorization to Authenticated (Subscriber+) DB Cleanup Actions, EUVD-2025-199817]

Vulnerabilities are matched against the exact installed version when it's known. Always keep the plugin updated to the latest release.

Safer / more established alternatives

Check your own WordPress site

Run a free passive scan now, or create a free account and install the WP Clinic plugin for a deep scan of your whole hosting account and AI-assisted repair.