WordPress Plugin WP Super Cache allows unauthorized access to sensitive files

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

WordPress Plugin WP Super Cache allows unauthorized access to sensitive files

ECHO-e74f-830c-cd04

Summary

A security issue in the WP Super Cache plugin for WordPress allows hackers to access sensitive files on a website. This means that an attacker could potentially read or modify sensitive data, such as passwords or configuration files. To protect your website, update the WP Super Cache plugin to the latest version or consider disabling it temporarily until a patch is available.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
–	libraw	All versions	–

Original title

ECHO-e74f-830c-cd04

https://advisory.echohq.com/cve/CVE-2026-20884 URL

Published: 8 Apr 2026 · Updated: 8 Apr 2026 · First seen: 8 Apr 2026