CVE-2025-10476: Subscriber-Level Data Modification Vulnerability in WP Fastest Cache Plugin

Overview

CVE-2025-10476 describes a medium-severity vulnerability found in the WP Fastest Cache plugin for WordPress. Specifically, versions up to and including 1.4.0 are affected. This vulnerability allows authenticated attackers with Subscriber-level access (or higher) to initiate certain database fix actions without proper authorization. This issue arises from a missing capability check on the wpfc_db_fix_callback() function. Note that this vulnerability only impacts sites with the premium version of WP Fastest Cache activated.

Technical Details

The vulnerability stems from the absence of sufficient capability checks within the wpfc_db_fix_callback() function. This function is responsible for performing various database fixes related to the caching mechanisms provided by the WP Fastest Cache plugin. Because Subscriber-level users are able to trigger the callback, they can initiate these database fixes, potentially leading to unintended consequences and data modification.

The vulnerable code lacks a proper check to ensure the user initiating the database fix has the necessary privileges. This allows attackers, even with minimal permissions, to execute actions that should be restricted to administrators or users with specific capabilities.
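The pattern described above, as an added illustration rather than WP Fastest Cache's own code: a hypothetical admin-ajax handler (the function names, the action names, the nonce name and the table name are all assumptions) that performs a privileged "database fix", shown first with the missing capability check and then hardened. In WordPress, any logged-in user can reach a handler registered on a wp_ajax_* hook, so the handler itself must verify the caller's capability.

```php
<?php
// Added example, not the plugin's code. All names below are hypothetical.

// Privileged work the handler performs (placeholder: repairs a cache table).
function example_run_db_fix() {
    global $wpdb;
    $wpdb->query( 'OPTIMIZE TABLE ' . $wpdb->prefix . 'example_cache' );
}

// --- Vulnerable pattern -----------------------------------------------------
// Registered on wp_ajax_*, so every authenticated user (Subscriber included)
// can POST action=example_db_fix_unsafe to admin-ajax.php and run the fix.
function example_db_fix_callback_unsafe() {
    example_run_db_fix();
    wp_send_json_success( 'db fix executed' );
}
add_action( 'wp_ajax_example_db_fix_unsafe', 'example_db_fix_callback_unsafe' );

// --- Hardened pattern -------------------------------------------------------
function example_db_fix_callback_hardened() {
    // 1. Capability check: only users who may manage the site can run fixes.
    //    wp_send_json_error() terminates the request, so nothing below runs
    //    for a Subscriber.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }

    // 2. Nonce check: rejects forged requests (CSRF) even from an admin's
    //    browser session. The nonce is issued to the settings page with
    //    wp_create_nonce( 'example_db_fix_nonce' ) and posted as 'nonce'.
    check_ajax_referer( 'example_db_fix_nonce', 'nonce' );

    example_run_db_fix();
    wp_send_json_success( 'db fix executed' );
}
add_action( 'wp_ajax_example_db_fix', 'example_db_fix_callback_hardened' );
```

The capability check is the control whose absence the advisory describes; the nonce check is the companion control that stops the same action being triggered through a privileged user's browser. Both belong in every wp_ajax_* handler that changes server-side state, and neither is provided by WordPress merely because the request arrives authenticated.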

CVSS Analysis

  • CVE ID: CVE-2025-10476
  • Published: 2025-11-27T11:15:45.863
  • Severity: MEDIUM
  • CVSS Score: 4.3
  • CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N (this is a representative vector for this class of vulnerability; the exact vector may vary slightly depending on the calculator used)

A CVSS score of 4.3 indicates a medium severity vulnerability. The attack vector is network-based (AV:N), requiring low attack complexity (AC:L). The attacker must be authenticated with low privileges (PR:L) and no user interaction is required (UI:N). The scope is unchanged (S:U) and the impact is low integrity (I:L) with no impact to confidentiality (C:N) or availability (A:N). This means an attacker can modify data but has limited impact on the system’s functionality or data confidentiality.

Possible Impact

While the CVSS score is medium, the impact of this vulnerability can still be significant. By exploiting this flaw, an attacker with subscriber-level access could potentially:

  • Modify caching configurations, leading to performance degradation.
  • Corrupt cached data, potentially causing website errors or displaying incorrect information to visitors.
  • Force database operations to run repeatedly and unnecessarily, leading to database load.

The actual impact depends on the specific database fix actions triggered by the attacker and the plugin’s implementation of those fixes.

Mitigation and Patch Steps

The vulnerability has been addressed in WP Fastest Cache version 1.4.1. It is strongly recommended to update your WP Fastest Cache plugin to the latest version as soon as possible.

  1. Update the plugin: Navigate to the “Plugins” section in your WordPress dashboard and update WP Fastest Cache to version 1.4.1 or later.
  2. Verify the update: After updating, confirm that the plugin version is 1.4.1 or higher.
  3. Monitor user activity: Keep an eye on user activity logs for any suspicious actions, especially related to database modifications.

Cybersecurity specialist and founder of Gowri Shankar Infosec - a professional blog dedicated to sharing actionable insights on cybersecurity, data protection, server administration, and compliance frameworks including SOC 2, PCI DSS, and GDPR.