/plushcap/analysis/cloudflare/w3tc-and-wp-super-cache-vulnerability-discove-17794

W3TC and WP Super Cache Vulnerability Discovered, We've Automatically Patched

What's this blog post about?

On April 24, 2013, the research firm Sucuri discovered a serious vulnerability in two popular WordPress caching plugins, W3 Total Cache and WP Super Cache. The flaw allows remote PHP code execution on servers running these plugins. CloudFlare has implemented protection against this vulnerability for all its users, including free accounts. However, it is recommended that users of the affected plugins upgrade immediately to secure versions (W3TC 0.9.2.9 and WP Super Cache 1.3.x) or disable them until upgraded. The attack exploits certain functions in these plugins, enabling arbitrary PHP commands to be executed on the server. This could lead to unauthorized access, database manipulation, or malware installation.

Company
Cloudflare

Date published
April 24, 2013

Author(s)
Matthew Prince

Word count
371

Hacker News points
None found.

Language
English


By Matt Makai. 2021-2024.