WebSite Speed
official
Website acceleration, supporting dynamic acceleration of mainstream website projects
Hello, when I activated this plugin all users saw each other's information. It's a security vulnerability. Random information was displayed to random people. The admin panel image appeared to normal users.
I have a Node.js project. Am I the only one who has this problem with this plugin? This is a huge vulnerability.
The Danger of WebSite Speed Plugin
Hello, can you reproduce in detail or take screenshots
aaPanel_Kern
https://www.youtube.com/watch?v=CnkLMTU9dlk&ab_channel=ZFCAKADEM%C4%B0
I made a video for this!
It's a really big problem. Users in the panel see each other's account. The worst part is that they can see each other's private information. When logged in from a normal user, the admin panel can be seen.
When I closed it in the video, the main user was visible. Before I closed it, a different user appeared.
Hello, it is recommended that you add the cache path of the relevant user to the non-cache address