Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
w3 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-0146
Cross-site scripting (XSS) vulnerability in the error page in W3-mSQL allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to the top-level URI.
Hughes Technologies W3-msql
1 EDB exploit
6.8
CVSSv2
CVE-2013-2011
WordPress W3 Super Cache Plugin prior to 1.3.2 contains a PHP code-execution vulnerability which could allow remote malicious users to inject arbitrary code. This issue exists because of an incomplete fix for CVE-2013-2009.
Automattic W3 Super Cache
5
CVSSv2
CVE-2012-6079
W3 Total Cache prior to 0.9.2.5 exposes sensitive cached database information which allows remote malicious users to download this information via their hash keys.
Boldgrid W3 Total Cache
4.3
CVSSv2
CVE-2014-8724
Cross-site scripting (XSS) vulnerability in the W3 Total Cache plugin prior to 0.9.4.1 for WordPress, when debug mode is enabled, allows remote malicious users to inject arbitrary web script or HTML via the "Cache key" in the HTML-Comments, as demonstrated by the PATH_I...
Boldgrid W3 Total Cache
7.5
CVSSv2
CVE-1999-1469
Buffer overflow in w3-auth CGI program in miniSQL package allows remote malicious users to execute arbitrary commands via an HTTP request with (1) a long URL, or (2) a long User-Agent MIME header.
Hughes Technologies W3-auth
5
CVSSv2
CVE-2012-6077
W3 Total Cache prior to 0.9.2.5 allows remote malicious users to retrieve password hash information due to insecure storage of database cache files.
Boldgrid W3 Total Cache
5
CVSSv2
CVE-2012-6078
W3 Total Cache prior to 0.9.2.5 generates hash keys insecurely which allows remote malicious users to predict the values of the hashes.
Boldgrid W3 Total Cache
6.8
CVSSv2
CVE-2014-9414
The W3 Total Cache plugin prior to 0.9.4.1 for WordPress does not properly handle empty nonces, which allows remote malicious users to conduct cross-site request forgery (CSRF) attacks and hijack the authentication of administrators for requests that change the mobile site redire...
Boldgrid W3 Total Cache
4.3
CVSSv2
CVE-2021-24436
The W3 Total Cache WordPress plugin prior to 2.1.4 was vulnerable to a reflected Cross-Site Scripting (XSS) security vulnerability within the "extension" parameter in the Extensions dashboard, which is output in an attribute without being escaped first. This could allow...
Boldgrid W3 Total Cache
4.3
CVSSv2
CVE-2017-5928
The W3C High Resolution Time API, as implemented in various web browsers, does not consider that memory-reference times can be measured by a performance.now "Time to Tick" approach even with the https://bugzilla.mozilla.org/show_bug.cgi?id=1167489#c9 protection mechanis...
W3 High Resolution Time Api -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »