CVE-2025-10583
📋 TL;DR
The WP Fastest Cache WordPress plugin contains a Server-Side Request Forgery (SSRF) vulnerability that allows authenticated users with Subscriber-level access or higher to make arbitrary web requests from the server. This can be used to query or modify internal services accessible from the web server. All WordPress sites using WP Fastest Cache versions up to 1.7.4 are affected.
💻 Affected Systems
- WP Fastest Cache WordPress Plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could access internal services, exfiltrate sensitive data from internal networks, or perform attacks against internal systems using the web server as a proxy.
Likely Case
Information disclosure from internal services, scanning of internal networks, or limited modification of accessible internal services.
If Mitigated
Limited impact if internal services are properly segmented and authenticated, with the web server having minimal internal network access.
🎯 Exploit Status
Exploitation requires authenticated access but only at Subscriber level, which is the lowest WordPress user role. The vulnerability is in a publicly accessible AJAX endpoint.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.7.5
Vendor Advisory: https://www.wpfastestcache.com/changelog/
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins > Installed Plugins. 3. Find WP Fastest Cache and click 'Update Now'. 4. Verify version is 1.7.5 or higher.
🔧 Temporary Workarounds
Disable vulnerable AJAX endpoint
allRemove or restrict access to the vulnerable 'get_server_time_ajax_request' AJAX action
Add to theme's functions.php or custom plugin: remove_action('wp_ajax_get_server_time_ajax_request', 'wpfc_get_server_time_ajax_request_callback');
Add to theme's functions.php or custom plugin: remove_action('wp_ajax_nopriv_get_server_time_ajax_request', 'wpfc_get_server_time_ajax_request_callback');
Disable plugin
linuxTemporarily disable WP Fastest Cache until patched
wp plugin deactivate wp-fastest-cache
🧯 If You Can't Patch
- Restrict internal network access from web server using firewall rules
- Implement network segmentation to isolate web server from sensitive internal services
🔍 How to Verify
Check if Vulnerable:
Check WP Fastest Cache plugin version in WordPress admin panel under Plugins > Installed PluginsCheck Version:
wp plugin get wp-fastest-cache --field=versionVerify Fix Applied:
Verify WP Fastest Cache version is 1.7.5 or higher in WordPress admin📡 Detection & Monitoring
Log Indicators:
- Unusual POST requests to /wp-admin/admin-ajax.php with action=get_server_time_ajax_request
- Outbound web requests from web server to internal IP addresses or unusual domains
Network Indicators:
- Web server making unexpected HTTP requests to internal services or unusual external domains
- Traffic patterns showing web server acting as proxy
SIEM Query:
source="web_server_logs" AND (url_path="/wp-admin/admin-ajax.php" AND parameters.action="get_server_time_ajax_request")