213 matches found
Nextcloud: W3 Total Cache plugin multiple vulnerabilities
W3 Total Cache plugin version = 0.9.4.1 on the https://nextcloud.com has multiple vulnerabilities. See the screenshot.png Impact Remote Command Execution, Unauthenticated Security Token Bypass, Unauthenticated Arbitrary File Read etc...
W3 Total Cache Arbitrary File Read Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.W3 Total Cache plugin is an SEO Search Engine Optimization plugin used in it. An arbitrary file read vulnerability exists in the...
Code injection
pub/sns.php in the W3 Total Cache plugin before 0.9.4 for WordPress allows remote attackers to read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data...
CVE-2019-6715
pub/sns.php in the W3 Total Cache plugin before 0.9.4 for WordPress allows remote attackers to read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data...
CVE-2019-6715
pub/sns.php in the W3 Total Cache plugin before 0.9.4 for WordPress allows remote attackers to read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data...
CVE-2019-6715
The CVE concerns WordPress W3 Total Cache plugin versions before 0.9.4, where an unauthenticated attacker can read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data, targeting the pub/sns.php endpoint. Technical details from connected documents specify an unauthenti...
myamericanfamilydentist.com XSS vulnerability
Vulnerable URL: http://www.myamericanfamilydentist.com/dev/wp-content/plugins/w3-total-cache/wp-content/view.php?file="/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 02.10.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / No...
WordPress W3 Total Cache Plugin Competitive Conditions Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports the PHP and MySQL servers to set up a personal blog site.W3 Total Cache is one of the blog optimization plug-ins. A competitive condition vulnerability exists in...
WordPress W3 Total Cache Amazon SNS Push Messages Weak Validation Vulnerability
A vulnerability in the validation of Amazon SNS messages was found in the W3 Total Cache plugin. This issue allows an attacker to perform a variety of actions concerning the server's cache, which may result in a denial of service attack. Version 0.9.4.1 is affected...
WordPress W3 Total Cache 0.9.4.1 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications ------------------------------------------------------------------------ Reflected Cross-Site Scripting vulnerability in W3 Total Cache plugin ------------------------------------------------------------------------ Sipke Mellema, July 2016...
WordPress W3 Total Cache 0.9.4.1 Race Condition Vulnerability
An information disclosure vulnerability was found in the W3 Total Cache plugin. This issue allows an attacker to hijack sensitive information, such as the administrator's session cookie. Exploiting the vulnerability is possible during a short period of time when an administrator submits the suppo...
WordPress W3 Total Cache 0.9.4.1 Race Condition
------------------------------------------------------------------------ Information disclosure race condition in W3 Total Cache WordPress Plugin ------------------------------------------------------------------------ Sipke Mellema, July 2016...
WordPress W3 Total Cache Amazon SNS Push Messages Weak Validation
------------------------------------------------------------------------ Weak validation of Amazon SNS push messages in W3 Total Cache WordPress Plugin ------------------------------------------------------------------------ Sipke Mellema, July 2016...
WordPress W3 Total Cache 0.9.4.1 Cross Site Scripting
------------------------------------------------------------------------ Reflected Cross-Site Scripting vulnerability in W3 Total Cache plugin ------------------------------------------------------------------------ Sipke Mellema, July 2016...
W3 Total Cache <= 0.9.4.1 - Weak Validation of Amazon SNS Push Messages
The W3 Total Cache WordPress plugin was affected by a Weak Validation of Amazon SNS Push Messages security vulnerability...
W3 Total Cache <= 0.9.4 - Unauthenticated Server Side Request Forgery (SSRF)
The W3 Total Cache WordPress plugin was affected by an Unauthenticated Server Side Request Forgery SSRF security vulnerability...
WordPress W3 Total Cache Plugin <= 0.9.4.1 - Arbitrary File Upload
This plugin is prone to an authenticated arbitrary file upload vulnerability. Solution Update the plugin...
WordPress W3 Total Cache Plugin <= 0.9.4.1 - Arbitrary File Download
This plugin is prone to authenticated arbitrary file download vulnerability. Solution Update the plugin...
WordPress W3 Total Cache Plugin <= 0.9.4.1 - Bypass
This plugin is prone to unauthenticated security token bypass vulnerability. Solution Update the plugin...
WordPress W3 Total Cache Plugin <= 0.9.4.1 - Arbitrary PHP Code Execution
This plugin is prone to an authenticated arbitrary PHP code execution vulnerability. Solution Update the plugin...