CVE-2012-6078 – W3 Total Cache <= 0.9.2.4 - Insecure Cryptography to Sensitive Information Disclosure
https://notcve.org/view.php?id=CVE-2012-6078
W3 Total Cache before 0.9.2.5 generates hash keys insecurely, which allows remote attackers to predict the values of the hashes.
• http://www.openwall.com/lists/oss-security/2012/12/30/3
• https://security-tracker.debian.org/tracker/CVE-2012-6078
• https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames
• https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2012-6077 – W3 Total Cache <= 0.9.2.4 - Password Hash Extraction
https://notcve.org/view.php?id=CVE-2012-6077
W3 Total Cache before 0.9.2.5 allows remote attackers to retrieve password hash information due to insecure storage of database cache files.
• http://www.openwall.com/lists/oss-security/2012/12/30/3
• https://security-tracker.debian.org/tracker/CVE-2012-6077
• https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames
• https://www.checkpoint.com/defense/advisories/public/2013/cpai-24-oct2.html
• https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2019-6715 – W3 Total Cache 0.9.2.6-0.9.3 - File Read / Directory Traversal
https://notcve.org/view.php?id=CVE-2019-6715
pub/sns.php in the W3 Total Cache plugin before 0.9.4 for WordPress allows remote attackers to read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data. The script pub/sns.php in the W3 Total Cache plugin (versions 0.9.2.6 through 0.9.3) allows remote attackers to read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data.
• http://packetstormsecurity.com/files/160674/WordPress-W3-Total-Cache-0.9.3-File-Read-Directory-Traversal.html
• https://vinhjaxt.github.io/2019/03/cve-2019-6715
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2014-8724 – W3 Total Cache <= 0.9.4 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2014-8724
Cross-site scripting (XSS) vulnerability in the W3 Total Cache plugin before 0.9.4.1 for WordPress, when debug mode is enabled, allows remote attackers to inject arbitrary web script or HTML via the "Cache key" in the HTML-Comments, as demonstrated by the PATH_INFO to the default URI. W3 Total Cache version 0.9.4 suffers from a cross-site scripting vulnerability.
• http://packetstormsecurity.com/files/129626/W3-Total-Cache-0.9.4-Cross-Site-Scripting.html
• http://www.securityfocus.com/archive/1/534266/100/0/threaded
• https://wordpress.org/plugins/w3-total-cache/changelog
• https://www.secuvera.de/advisories/secuvera-SA-2014-01.txt
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2014-9414 – W3 Total Cache <= 0.9.4 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2014-9414
The W3 Total Cache plugin before 0.9.4.1 for WordPress does not properly handle empty nonces, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and hijack the authentication of administrators for requests that change the mobile site redirect URI via the mobile_groups[*][redirect] parameter and an empty _wpnonce parameter in the w3tc_mobile page to wp-admin/admin.php.
• http://mazinahmed1.blogspot.com/2014/12/w3-total-caches-w3totalfail.html
• http://packetstormsecurity.com/files/129512/W3-Total-Cache-0.9.4-Cross-Site-Request-Forgery.html
• http://seclists.org/fulldisclosure/2014/Dec/67
• http://secunia.com/advisories/61562
• http://www.securityfocus.com/archive/1/534250/100/0/threaded
• https://exchange.xforce.ibmcloud.com/vulnerabilities/99352
• https://github.com/wp-plugins/w3-total-cache/commit/9a1cc9f70558282e135eb3120d271448c75b28dd#diff-86a10b31ab115483fe8111bedac14d15
• https://wordpres
• CWE-352: Cross-Site Request Forgery (CSRF)