
CVSS: 7.2 • EPSS: 0% • CPEs: 1 • EXPL: 1

The W3 Total Cache WordPress plugin before 2.1.5 was affected by a reflected Cross-Site Scripting (XSS) issue within the "extension" parameter in the Extensions dashboard, when the 'Anonymously track usage to improve product quality' setting is enabled, as the parameter is output in a JavaScript context without proper escaping. This could allow an attacker who can convince an authenticated admin to click a link to run malicious JavaScript within the user's web browser, which could lead to full site compromise.

• https://wpscan.com/vulnerability/3e855e09-056f-45b5-89a9-d644b7d8c9d0
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 4.8 • EPSS: 0% • CPEs: 1 • EXPL: 1

The W3 Total Cache WordPress plugin before 2.1.3 did not sanitise or escape some of its CDN settings, allowing high privilege users to use JavaScript in them, which will be output in the page, leading to an authenticated Stored Cross-Site Scripting issue.

The W3 Total Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several CDN settings in versions up to, and including, 2.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative level permissions and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

• https://m0ze.ru/vulnerability/%5B2021-04-25%5D-%5BWordPress%5D-%5BCWE-79%5D-W3-Total-Cache-WordPress-Plugin-v2.1.2.txt
• https://wpscan.com/vulnerability/5da5ce9a-82a6-404f-8dec-795d7905b3f9
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

W3 Total Cache before 0.9.2.5 exposes sensitive cached database information, which allows remote attackers to download this information via their hash keys.

• http://www.openwall.com/lists/oss-security/2012/12/30/3
• https://security-tracker.debian.org/tracker/CVE-2012-6079
• https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames
• https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 1

W3 Total Cache before 0.9.2.5 generates hash keys insecurely, which allows remote attackers to predict the values of the hashes.

• http://www.openwall.com/lists/oss-security/2012/12/30/3
• https://security-tracker.debian.org/tracker/CVE-2012-6078
• https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames
• https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

W3 Total Cache before 0.9.2.5 allows remote attackers to retrieve password hash information due to insecure storage of database cache files.

• http://www.openwall.com/lists/oss-security/2012/12/30/3
• https://security-tracker.debian.org/tracker/CVE-2012-6077
• https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames
• https://www.checkpoint.com/defense/advisories/public/2013/cpai-24-oct2.html
• https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor