Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
boldgrid w3 total cache vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2014-9414
The W3 Total Cache plugin prior to 0.9.4.1 for WordPress does not properly handle empty nonces, which allows remote malicious users to conduct cross-site request forgery (CSRF) attacks and hijack the authentication of administrators for requests that change the mobile site redire...
Boldgrid W3 Total Cache
7.5
CVSSv3
CVE-2012-6078
W3 Total Cache prior to 0.9.2.5 generates hash keys insecurely which allows remote malicious users to predict the values of the hashes.
Boldgrid W3 Total Cache
7.5
CVSSv3
CVE-2012-6079
W3 Total Cache prior to 0.9.2.5 exposes sensitive cached database information which allows remote malicious users to download this information via their hash keys.
Boldgrid W3 Total Cache
4.3
CVSSv2
CVE-2014-8724
Cross-site scripting (XSS) vulnerability in the W3 Total Cache plugin prior to 0.9.4.1 for WordPress, when debug mode is enabled, allows remote malicious users to inject arbitrary web script or HTML via the "Cache key" in the HTML-Comments, as demonstrated by the PATH_I...
Boldgrid W3 Total Cache
4.8
CVSSv3
CVE-2021-24427
The W3 Total Cache WordPress plugin prior to 2.1.3 did not sanitise or escape some of its CDN settings, allowing high privilege users to use JavaScript in them, which will be output in the page, leading to an authenticated Stored Cross-Site Scripting issue
Boldgrid W3 Total Cache
7.5
CVSSv3
CVE-2023-5359
The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.5 via Google OAuth API secrets stored in plaintext in the publicly visible plugin source. This can allow unauthenticated malicious users to impersonate W3...
Boldgrid W3 Total Cache
1 Github repository
7.5
CVSSv3
CVE-2019-6715
pub/sns.php in the W3 Total Cache plugin prior to 0.9.4 for WordPress allows remote malicious users to read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data.
Boldgrid W3 Total Cache
1 Github repository
6.1
CVSSv3
CVE-2021-24436
The W3 Total Cache WordPress plugin prior to 2.1.4 was vulnerable to a reflected Cross-Site Scripting (XSS) security vulnerability within the "extension" parameter in the Extensions dashboard, which is output in an attribute without being escaped first. This could allow...
Boldgrid W3 Total Cache
6.1
CVSSv3
CVE-2021-24452
The W3 Total Cache WordPress plugin prior to 2.1.5 was affected by a reflected Cross-Site Scripting (XSS) issue within the "extension" parameter in the Extensions dashboard, when the 'Anonymously track usage to improve product quality' setting is enabled, as t...
Boldgrid W3 Total Cache
7.5
CVSSv3
CVE-2012-6077
W3 Total Cache prior to 0.9.2.5 allows remote malicious users to retrieve password hash information due to insecure storage of database cache files.
Boldgrid W3 Total Cache
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
path traversal
CVE-2025-2657
CVE-2025-30066
CVE-2025-24813
apache commons vfs
CVE-2025-2478
validation
CVE-2025-2674
code injection
medical card generation system
microsoft edge (chromium-based)
CVE-2025-2688
cicadascms
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »
Vulmon