CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12365 – W3 Total Cache <= 2.8.1 - Authenticated (Subscriber+) Missing Authorization to Server-Side Request Forgery
https://notcve.org/view.php?id=CVE-2024-12365
13 Jan 2025 — The W3 Total Cache plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the is_w3tc_admin_page function in all versions up to, and including, 2.8.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to obtain the plugin's nonce value and perform unauthorized actions, resulting in information disclosure, service plan limits consumption as well as making web requests to arbitrary locations originating from the web appl... • https://plugins.trac.wordpress.org/browser/w3-total-cache/tags/2.8.0/Extension_ImageService_Plugin_Admin.php#L200 • CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12006 – W3 Total Cache <= 2.8.1 Missing Authorization to Unauthenticated Plugin Deactivation and Extensions Activation/Deactivation
https://notcve.org/view.php?id=CVE-2024-12006
13 Jan 2025 — The W3 Total Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 2.8.1. This makes it possible for unauthenticated attackers to deactivate the plugin as well as activate and deactivate plugin extensions. • https://plugins.trac.wordpress.org/browser/w3-total-cache/tags/2.8.0/Extensions_Plugin_Admin.php#L186 • CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12008 – W3 Total Cache <= 2.8.1 Information Exposure via Log Files
https://notcve.org/view.php?id=CVE-2024-12008
13 Jan 2025 — The W3 Total Cache plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.8.1 through the publicly exposed debug log file. This makes it possible for unauthenticated attackers to view potentially sensitive information in the exposed log file. For example, the log file may contain nonce values that can be used in further CSRF attacks. Note: the debug feature must be enabled for this to be a concern, and it is disabled by default. • https://plugins.trac.wordpress.org/browser/w3-total-cache/tags/2.8.0/Util_Debug.php#L29 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5359 – W3 Total Cache <= 2.7.5 - Sensitive Credentials Stored in Plaintext
https://notcve.org/view.php?id=CVE-2023-5359
23 Sep 2024 — The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.5 via Google OAuth API secrets stored in plaintext in the publicly visible plugin source. This can allow unauthenticated attackers to impersonate W3 Total Cache and gain access to user account information in successful conditions. This would not impact the WordPress users site in any way. • https://plugins.trac.wordpress.org/browser/w3-total-cache/trunk/PageSpeed_Api.php#L39 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24436 – W3 Total Cache < 2.1.4 - Reflected XSS in Extensions Page (Attribute Context)
https://notcve.org/view.php?id=CVE-2021-24436
28 Jun 2021 — The W3 Total Cache WordPress plugin before 2.1.4 was vulnerable to a reflected Cross-Site Scripting (XSS) security vulnerability within the "extension" parameter in the Extensions dashboard, which is output in an attribute without being escaped first. This could allow an attacker, who can convince an authenticated admin into clicking a link, to run malicious JavaScript within the user's web browser, which could lead to full site compromise. El plugin W3 Total Cache WordPress versiones anteriores a 2.1.4, er... • https://wpscan.com/vulnerability/05988ebb-7378-4a3a-9d2d-30f8f58fe9ef • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24452 – W3 Total Cache < 2.1.5 - Reflected XSS in Extensions Page (JS Context)
https://notcve.org/view.php?id=CVE-2021-24452
28 Jun 2021 — The W3 Total Cache WordPress plugin before 2.1.5 was affected by a reflected Cross-Site Scripting (XSS) issue within the "extension" parameter in the Extensions dashboard, when the 'Anonymously track usage to improve product quality' setting is enabled, as the parameter is output in a JavaScript context without proper escaping. This could allow an attacker, who can convince an authenticated admin into clicking a link, to run malicious JavaScript within the user's web browser, which could lead to full site c... • https://wpscan.com/vulnerability/3e855e09-056f-45b5-89a9-d644b7d8c9d0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24427 – W3 Total Cache < 2.1.3 - Authenticated Stored XSS
https://notcve.org/view.php?id=CVE-2021-24427
16 Jun 2021 — The W3 Total Cache WordPress plugin before 2.1.3 did not sanitise or escape some of its CDN settings, allowing high privilege users to use JavaScript in them, which will be output in the page, leading to an authenticated Stored Cross-Site Scripting issue El plugin de WordPress W3 Total Cache versiones anteriores a 2.1.3, no saneaba o escapaba de algunas de sus configuraciones de CDN, permitiendo a usuarios con altos privilegios usar JavaScript en ellas, que se emitirá en la página, conllevando a un problema... • https://m0ze.ru/vulnerability/%5B2021-04-25%5D-%5BWordPress%5D-%5BCWE-79%5D-W3-Total-Cache-WordPress-Plugin-v2.1.2.txt • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-6079 – W3 Total Cache <= 0.9.2.4 - Sensitive Information Exposure
https://notcve.org/view.php?id=CVE-2012-6079
22 Nov 2019 — W3 Total Cache before 0.9.2.5 exposes sensitive cached database information which allows remote attackers to download this information via their hash keys. W3 Total Cache versiones anteriores a 0.9.2.5, expone información confidencial de la base de datos en la caché lo que permite a atacantes remotos descargar esta información por medio de sus claves de hash. • http://www.openwall.com/lists/oss-security/2012/12/30/3 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2012-6078 – W3 Total Cache <= 0.9.2.4 - Insecure Cryptography to Sensitive Information Disclosure
https://notcve.org/view.php?id=CVE-2012-6078
22 Nov 2019 — W3 Total Cache before 0.9.2.5 generates hash keys insecurely which allows remote attackers to predict the values of the hashes. W3 Total Cache versiones anteriores a 0.9.2.5, genera claves de hash de forma no segura, lo que permite a atacantes remotos predecir los valores de los hash. • http://www.openwall.com/lists/oss-security/2012/12/30/3 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-6077 – W3 Total Cache <= 0.9.2.4 - Password Hash Extraction
https://notcve.org/view.php?id=CVE-2012-6077
22 Nov 2019 — W3 Total Cache before 0.9.2.5 allows remote attackers to retrieve password hash information due to insecure storage of database cache files. W3 Total Cache versiones anteriores a 0.9.2.5, permite a atacantes remotos recuperar información del hash de contraseña debido al almacenamiento no seguro de los archivos de caché de la base de datos. • http://www.openwall.com/lists/oss-security/2012/12/30/3 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •