GCVE - cpe:2.3:a:softaculous:speedycache:*:*:*:*:*:wordpress:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:softaculous:speedycache:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

Vendor	Softaculous (`65f23925-db99-5043-a6d0-39da9bceb2f5`)
Product	Speedycache (`8d49c8d1-f2cc-5a04-9f76-554baeaecefb`)
Edition	*
Language	*
Software edition	*
Target software	wordpress
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-43299`	vulnerable	2026-06-03 14:56:44.921766	WordPress SpeedyCache plugin <= 1.1.8 - Cross Site Request Forgery (CSRF) vulnerability MEDIUM (5.4) Cross-Site Request Forgery (CSRF) vulnerability in Softaculous SpeedyCache speedycache.This issue affects SpeedyCache: from n/a through <= 1.1.8. Published: 2024-08-26T20:41:26.046Z Updated: 2026-04-28T16:10:12.276Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/speedycache/vulnerability/wordpress-speedycache-plugin-1-1-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-6598`	vulnerable	2026-06-03 14:53:58.483880	SpeedyCache <= 1.1.3 - Missing Authorization to Plugin Options Update MEDIUM (4.3) The SpeedyCache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the speedycache_save_varniship, speedycache_img_update_settings, speedycache_preloading_add_settings, and speedycache_preloading_delete_resource functions in all versions up to, and including, 1.1.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to update plugin options. Published: 2024-01-11T08:33:02.864Z Updated: 2026-04-08T17:27:37.164Z Open on db.gcve.eu Reference links https://www.wordfence.com/threat-intel/vulnerabilities/id/db8cfdba-f3b2-45dc-9be7-6f6374fd5f39?source=cve https://plugins.trac.wordpress.org/changeset/3010577/speedycache	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-49746`	vulnerable	2026-06-03 14:53:26.290924	WordPress SpeedyCache Plugin <= 1.1.2 is vulnerable to Server Side Request Forgery (SSRF) MEDIUM (4.9) Server-Side Request Forgery (SSRF) vulnerability in Softaculous Team SpeedyCache – Cache, Optimization, Performance.This issue affects SpeedyCache – Cache, Optimization, Performance: from n/a through 1.1.2. Published: 2023-12-07T10:50:20.261Z Updated: 2026-04-28T16:08:56.832Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/speedycache/wordpress-speedycache-plugin-1-1-2-server-side-request-forgery-ssrf-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.