Lucene search
K

4 matches found

NVD
NVD
added 2025/11/17 6:15 a.m.13 views

CVE-2025-9501

The W3 Total Cache WordPress plugin before 2.8.13 is vulnerable to command injection via the parsedynamicmfunc function, allowing unauthenticated users to execute PHP commands by submitting a comment with a malicious payload to a post...

9CVSS0.19241EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/11/17 6:0 a.m.4 views

CVE-2025-9501 W3 Total Cache < 2.8.13 - Unauthenticated Command Injection

The W3 Total Cache WordPress plugin before 2.8.13 is vulnerable to command injection via the parsedynamicmfunc function, allowing unauthenticated users to execute PHP commands by submitting a comment with a malicious payload to a post...

7.5AI score0.19241EPSS
Exploits1References1
CVE
CVE
added 2025/11/17 6:0 a.m.41 views

CVE-2025-9501

CVE-2025-9501 - W3 Total Cache (WordPress) : The vulnerability affects the WordPress W3 Total Cache plugin up to version 2.8.13. The root cause is a command injection in the _parse_dynamic_mfunc function that allows unauthenticated users to submit a malicious payload in a post comment to execute ...

9CVSS7.5AI score0.19241EPSS
In wildExploits1References1
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.10 views

PT-2025-47123

Name of the Vulnerable Software and Affected Versions W3 Total Cache versions prior to 2.8.13 Description The W3 Total Cache WordPress plugin is affected by a command injection issue through the parse dynamic mfunc function. This allows unauthenticated users to execute arbitrary PHP commands by...

9CVSS8AI score0.19241EPSS
Exploits1References55
Rows per page
Query Builder