CVE-2021-24436

The W3 Total Cache WordPress plugin before 2.1.4 was vulnerable to a reflected Cross-Site Scripting XSS security vulnerability within the "extension" parameter in the Extensions dashboard, which is output in an attribute without being escaped first. This could allow an attacker, who can convince ...

W3 Total Cache Plugin for WordPress < 0.9.4 Arbitrary File Read

The WordPress W3 Total Cache Plugin installed on the remote host is affected by an arbitrary file read vulnerability due to improper sanitization of user-supplied input. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version...

W3 Total Cache Plugin for WordPress < 0.9.7.4 Multiple Vulnerabilities

The WordPress W3 Total Cache Plugin installed on the remote host is affected by multiple vulnerabilities : - A Cross-Site Scripting XSS vulnerability exists due to improper validation of user-supplied input in command parameter of /w3-total-cache/pub/opcache.php. - A Server Side Request Forgery...

WordPress W3 Total Cache Plugin <= 0.9.4.1 - Bypass

This plugin is prone to unauthenticated security token bypass vulnerability. Solution Update the plugin...

WordPress Plugin W3 Total Cache 'admin.php' Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platforms developed using the PHP language. w3 Total Cache is one of the blog optimization plug-ins. A cross-site scripting vulnerability exists in the WordPress plugin W3 Total Cache 'admin.php' 0.9.4.1 and earlier. An attacker can...

W3-Total-Cache Wordpress-plugin Username and Hash Extract (CVE-2012-6077)

An information disclosure vulnerability has been reported in W3 Total Cache Plugin for Wordpress...