Having just upgraded this wordpress to the new one I wanted to have the whole goodness and installed wp-cache to have static pages of my posts. However it seems that “the newly released wp-super-cache”:http://ocaoimh.ie/2007/11/05/wordpress-super-cache-01/ plugin for WordPress had some nasty vulnerabilities.

The first to report that to me was “Chris Messina on twitter”:http://twitter.com/factoryjoe/statuses/396188382 followed by Stefanie Sullivan reporting about “Tiffany Brown having the same issues”:http://twitter.com/tiffanybbrown. Checking the folders created I found the same two injection attempts Tiffany mentioned. The caching allowed code injected as txt urls via “i” or “s” parameters to be executed.

In my case I found that half my server was mirrored into the supercache folder in the plugin’s cache folder. Not good.

I was happy to see that my etc folder and other more interesting bits were not reached yet before I deactivated the plugin. Right now I am playing grepmaster to see if there are some injections left. My action: deactived and deleted all caching plugins and their cache folders (best via SSH as FTP is a PITA with so many files).

[tags]wordpress,wp-super-cache,vulnerability,xss,damn,aaarghhh[/tags]