CVE-2026-9282
The connected documents confirm a directory traversal vulnerability in the W3 Total Cache WordPress plugin, affecting all versions up to and including 2.9.4. The issue arises through the setupSources function, enabling unauthenticated attackers to read arbitrary server files that may contain sens...