wp-super-cache cached too far for me (and others)

Having just upgraded this wordpress to the new one I wanted to have the whole goodness and installed wp-cache to have static pages of my posts. However it seems that the newly released wp-super-cache plugin for WordPress had some nasty vulnerabilities.

The first to report that to me was Chris Messina on twitter followed by Stefanie Sullivan reporting about Tiffany Brown having the same issues. Checking the folders created I found the same two injection attempts Tiffany mentioned. The caching allowed code injected as txt urls via “i” or “s” parameters to be executed.

In my case I found that half my server was mirrored into the supercache folder in the plugin’s cache folder. Not good.

I was happy to see that my etc folder and other more interesting bits were not reached yet before I deactivated the plugin. Right now I am playing grepmaster to see if there are some injections left. My action: deactived and deleted all caching plugins and their cache folders (best via SSH as FTP is a PITA with so many files).

Tags: vulnerability, wordpress, wp-super-cache, xss