### [CVE-2021-24209](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24209)
![](https://img.shields.io/static/v1?label=Product&message=WP%20Super%20Cache&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-94%20Improper%20Control%20of%20Generation%20of%20Code%20('Code%20Injection')&color=brightgreen)

### Description

The WP Super Cache WordPress plugin before 1.7.2 was affected by an authenticated (admin+) RCE in the settings page due to input validation failure and weak $cache_path check in the WP Super Cache Settings -> Cache Location option. Direct access to the wp-cache-config.php file is not prohibited, so this vulnerability can be exploited for a web shell injection.

### POC

#### Reference
- https://wpscan.com/vulnerability/733d8a02-0d44-4b78-bbb2-37e447acd2f3

#### Github
- https://github.com/20142995/nuclei-templates
- https://github.com/EdgeSecurityTeam/Vulnerability
- https://github.com/tzwlhack/Vulnerability