Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
w3 vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2014-9414
The W3 Total Cache plugin prior to 0.9.4.1 for WordPress does not properly handle empty nonces, which allows remote malicious users to conduct cross-site request forgery (CSRF) attacks and hijack the authentication of administrators for requests that change the mobile site redire...
Boldgrid W3 Total Cache
312
VMScore
CVE-2021-24427
The W3 Total Cache WordPress plugin prior to 2.1.3 did not sanitise or escape some of its CDN settings, allowing high privilege users to use JavaScript in them, which will be output in the page, leading to an authenticated Stored Cross-Site Scripting issue
Boldgrid W3 Total Cache
605
VMScore
CVE-2013-2011
WordPress W3 Super Cache Plugin prior to 1.3.2 contains a PHP code-execution vulnerability which could allow remote malicious users to inject arbitrary code. This issue exists because of an incomplete fix for CVE-2013-2009.
Automattic W3 Super Cache
446
VMScore
CVE-2012-6077
W3 Total Cache prior to 0.9.2.5 allows remote malicious users to retrieve password hash information due to insecure storage of database cache files.
Boldgrid W3 Total Cache
446
VMScore
CVE-2012-6079
W3 Total Cache prior to 0.9.2.5 exposes sensitive cached database information which allows remote malicious users to download this information via their hash keys.
Boldgrid W3 Total Cache
385
VMScore
CVE-2014-8724
Cross-site scripting (XSS) vulnerability in the W3 Total Cache plugin prior to 0.9.4.1 for WordPress, when debug mode is enabled, allows remote malicious users to inject arbitrary web script or HTML via the "Cache key" in the HTML-Comments, as demonstrated by the PATH_I...
Boldgrid W3 Total Cache
445
VMScore
CVE-2019-6715
pub/sns.php in the W3 Total Cache plugin prior to 0.9.4 for WordPress allows remote malicious users to read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data.
Boldgrid W3 Total Cache
1 Github repository
383
VMScore
CVE-2021-24452
The W3 Total Cache WordPress plugin prior to 2.1.5 was affected by a reflected Cross-Site Scripting (XSS) issue within the "extension" parameter in the Extensions dashboard, when the 'Anonymously track usage to improve product quality' setting is enabled, as t...
Boldgrid W3 Total Cache
668
VMScore
CVE-1999-1469
Buffer overflow in w3-auth CGI program in miniSQL package allows remote malicious users to execute arbitrary commands via an HTTP request with (1) a long URL, or (2) a long User-Agent MIME header.
Hughes Technologies W3-auth
755
VMScore
CVE-2008-4573
SQL injection vulnerability in kategori.asp in MunzurSoft Wep Portal W3 allows remote malicious users to execute arbitrary SQL commands via the kat parameter.
Aspindir Munzursoft Web Portal W3
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »