W3 Total Cache Security Vulnerabilities and Issues — W3 Total Cache CVE List

Lucene search

BoldgridW3 Total Cache

3 matches found

cve•added 2021/07/19 11:15 a.m.•64 views

CVE-2021-24436

The W3 Total Cache WordPress plugin before 2.1.4 was vulnerable to a reflected Cross-Site Scripting (XSS) security vulnerability within the "extension" parameter in the Extensions dashboard, which is output in an attribute without being escaped first. This could allow an attacker, who can convince ...

6.1CVSS5.9AI score0.05838EPSS

cve•added 2021/07/19 11:15 a.m.•59 views

CVE-2021-24452

The W3 Total Cache WordPress plugin before 2.1.5 was affected by a reflected Cross-Site Scripting (XSS) issue within the "extension" parameter in the Extensions dashboard, when the 'Anonymously track usage to improve product quality' setting is enabled, as the parameter is output in a JavaScript co...

6.1CVSS5.8AI score0.09627EPSS

cve•added 2014/12/24 6:59 p.m.•38 views

CVE-2014-9414

The W3 Total Cache plugin before 0.9.4.1 for WordPress does not properly handle empty nonces, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and hijack the authentication of administrators for requests that change the mobile site redirect URI via the mobile_group...

6.8CVSS7.3AI score0.00357EPSS