Lucene search
Tobias GlemserPATCHSTACK:DDE2BCDA17999F804FF0A8EF27BEC9CDHistoryNov 10, 2014 - 12:00 a.m.
WordPress W3 Total Cache Plugin <= 0.9.4 - XSS
2014-11-1000:00:00
Tobias Glemser
patchstack.com
4
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the “Cache key” in the HTML-Comments.
Solution
Update the plugin.
| CPE | Name | Operator | Version |
|---|---|---|---|
| w3 total cache | le | 0.9.4 |
Related
nessus
nessus
W3 Total Cache Plugin For WordPress Cache Key XSS
2015-01-15 00:00:00
packetstorm
packetstorm
W3 Total Cache 0.9.4 Cross Site Scripting
2014-12-17 00:00:00
cve
cve
CVE-2014-8724
2014-12-19 15:59:00
wpvulndb
wpvulndb
W3 Total Cache <= 0.9.4 - Debug Mode XSS
2014-12-12 09:20:23
securityvulns
securityvulns
secuvera-SA-2014-01: Reflected XSS in W3 Total Cache
2014-12-22 00:00:00
prion
prion
Cross site scripting
2014-12-19 15:59:00
openvas
openvas
WordPress W3 Total Cache < 0.9.4.1 XSS Vulnerability - Active Check
2014-12-23 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related for PATCHSTACK:DDE2BCDA17999F804FF0A8EF27BEC9CD