Protecting WordPress Websites from Critical SQL Injection Vulnerability in WP Fastest Cache Plugin
At SiteGround, we always take proactive measures to identify and address potential vulnerabilities promptly. This was the case with the latest critical vulnerability for WordPress sites using the popular WP Fastest Cache plugin. By upgrading the vulnerable WP Fastest Cache plugin to version 1.2.2, we remedied a critical SQL injection vulnerability within an hour since it was reported.
Understanding the Vulnerability
The WP Fastest Cache plugin is widely used to enhance website performance by generating static HTML files. However, versions prior to 1.2.2 of this plugin were found to have a severe SQL injection vulnerability, reported last week. This vulnerability allowed unauthenticated attackers to inject additional SQL queries into existing queries, potentially compromising the security of the website’s database.
This security flaw scored 9.8 out of 10, indicating its critical nature. As a result, it was crucial for us to take immediate action to protect our clients’ websites.
Upgrading the Plugin for Enhanced Security
To safeguard our clients’ websites, we proactively upgraded the WP Fastest Cache plugin on their behalf. Our dedicated team upgraded over 98% of the plugin users on our servers to version 1.2.2 . The mass upgrade was completed within an hour, effectively eliminating the critical SQL injection risk.
However, a very small portion of WordPress websites did not receive the plugin upgrade despite multiple attempts. If you are using the WP Fastest Cache plugin, please check your current version from the WordPress dashboard of your website. We strongly advise you to take action immediately and either manually upgrade the plugin to version 1.2.2 or remove it from your website altogether. With this upgrade, we ensure that your websites are protected against potential exploits and unauthorized access to sensitive information.
If you’re looking for a reliable alternative to the WP Fastest Cache plugin, we recommend trying the SiteGround WordPress Optimizer plugin. It’s trusted by over 1,000,000 WordPress webmasters, and is ranked among the best WordPress performance plugins by the WordPress community. It’s pre-installed by default for all SiteGround clients, and completely free and available to download on any other hosting provider, if you have WordPress websites hosted elsewhere.
Our Commitment to Website Security
At SiteGround, we continuously monitor the security landscape for potential vulnerabilities. We prioritize addressing critical security issues, even in the event of third-party plugins – like the SQL injection vulnerability in the WP Fastest Cache plugin. Our proactive approach in upgrading the plugin for our clients demonstrates our commitment to providing a secure hosting environment.
If you have any questions or concerns about the security of your website, our dedicated support team is available to assist you. We are here to ensure that your WordPress website remains safe and protected.