A persistent cross-site scripting (XSS) vulnerability exists in some versions of a popular WordPress caching engine plugin. The issue – since fixed – exposes vulnerable sites to takeover. From there, attackers could inject malicious scripts, backdoors and so forth.
This means the attacker would have to get the blog owner to visit the cache listing page to actually trigger the XSS.
The issue, which stems from the way the plugin displays information stored in its cache file key, while going through an audit for one of Sucuri’s own pieces of software. The information stored in the plugin’s key isn’t sanitized and since that information is used by the plugin to determine which cache file is loaded, an attacker could use it to insert malicious scripts on the page.
The vulnerability was patched by its author, Donncha Caoimh over the weekend.