CVSS: 3.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5359 – W3 Total Cache <= 2.7.5 - Sensitive Credentials Stored in Plaintext
https://notcve.org/view.php?id=CVE-2023-5359
The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.5 via Google OAuth API secrets stored in plaintext in the publicly visible plugin source. This can allow unauthenticated attackers to impersonate W3 Total Cache and gain access to user account information in successful conditions. This would not impact the WordPress users site in any way. • https://plugins.trac.wordpress.org/browser/w3-total-cache/trunk/PageSpeed_Api.php#L39 https://plugins.trac.wordpress.org/changeset/3156426/w3-total-cache/tags/2.7.6/PageSpeed_Api.php https://www.wordfence.com/threat-intel/vulnerabilities/id/2d89a534-978e-4fd8-be3a-5137bdc22dc9?source=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24436 – W3 Total Cache < 2.1.4 - Reflected XSS in Extensions Page (Attribute Context)
https://notcve.org/view.php?id=CVE-2021-24436
The W3 Total Cache WordPress plugin before 2.1.4 was vulnerable to a reflected Cross-Site Scripting (XSS) security vulnerability within the "extension" parameter in the Extensions dashboard, which is output in an attribute without being escaped first. This could allow an attacker, who can convince an authenticated admin into clicking a link, to run malicious JavaScript within the user's web browser, which could lead to full site compromise. El plugin W3 Total Cache WordPress versiones anteriores a 2.1.4, era susceptible a una vulnerabilidad de seguridad de tipo Cross-Site Scripting (XSS) reflejado en el parámetro "extension" en el panel de control Extensions que se emite en un atributo sin ser escapado primero. Esto podría permitir a un atacante, que puede convencer a un administrador autenticado para que haga clic en un enlace, ejecutar JavaScript malicioso dentro del navegador web del usuario, lo que podría conllevar a un compromiso total del sitio • https://wpscan.com/vulnerability/05988ebb-7378-4a3a-9d2d-30f8f58fe9ef • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24452 – W3 Total Cache < 2.1.5 - Reflected XSS in Extensions Page (JS Context)
https://notcve.org/view.php?id=CVE-2021-24452
The W3 Total Cache WordPress plugin before 2.1.5 was affected by a reflected Cross-Site Scripting (XSS) issue within the "extension" parameter in the Extensions dashboard, when the 'Anonymously track usage to improve product quality' setting is enabled, as the parameter is output in a JavaScript context without proper escaping. This could allow an attacker, who can convince an authenticated admin into clicking a link, to run malicious JavaScript within the user's web browser, which could lead to full site compromise. El plugin W3 Total Cache WordPress versiones anteriores a 2.1.5, estaba afectado por un problema de tipo Cross-Site Scripting (XSS) reflejado en el parámetro "extension" en el panel de control Extensions, cuando el ajuste "Anonymously track usage to improve product quality" está activado, ya que el parámetro se emite en un contexto JavaScript sin un escape apropiado. Esto podría permitir a un atacante, que puede convencer a un administrador autenticado para que haga clic en un enlace, ejecutar JavaScript malicioso dentro del navegador web del usuario, lo que podría conllevar a un compromiso total del sitio • https://wpscan.com/vulnerability/3e855e09-056f-45b5-89a9-d644b7d8c9d0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24427 – W3 Total Cache < 2.1.3 - Authenticated Stored XSS
https://notcve.org/view.php?id=CVE-2021-24427
The W3 Total Cache WordPress plugin before 2.1.3 did not sanitise or escape some of its CDN settings, allowing high privilege users to use JavaScript in them, which will be output in the page, leading to an authenticated Stored Cross-Site Scripting issue El plugin de WordPress W3 Total Cache versiones anteriores a 2.1.3, no saneaba o escapaba de algunas de sus configuraciones de CDN, permitiendo a usuarios con altos privilegios usar JavaScript en ellas, que se emitirá en la página, conllevando a un problema de tipo Cross-Site Scripting Almacenado autentificado The W3 Total Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several CDN settings in versions up to, and including, 2.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative level permissions and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. • https://m0ze.ru/vulnerability/%5B2021-04-25%5D-%5BWordPress%5D-%5BCWE-79%5D-W3-Total-Cache-WordPress-Plugin-v2.1.2.txt https://wpscan.com/vulnerability/5da5ce9a-82a6-404f-8dec-795d7905b3f9 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-6079 – W3 Total Cache <= 0.9.2.4 - Sensitive Information Exposure
https://notcve.org/view.php?id=CVE-2012-6079
W3 Total Cache before 0.9.2.5 exposes sensitive cached database information which allows remote attackers to download this information via their hash keys. W3 Total Cache versiones anteriores a 0.9.2.5, expone información confidencial de la base de datos en la caché lo que permite a atacantes remotos descargar esta información por medio de sus claves de hash. • http://www.openwall.com/lists/oss-security/2012/12/30/3 https://security-tracker.debian.org/tracker/CVE-2012-6079 https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •