Injection Vulnerability in W3 Total Cache Fixed
Recently we detected a vulnerability in one of the most commonly used WordPress Plugins – WP Total Cache. So we improved our Security system to protect all websites hosted on Managed VPS or shared hosting plans.
We detected the vulnerability within the plugin’s support form as to exploit the vulnerability an admin or а user must have an active session.
w3w3A successful attack may lead to а malicious code injection by an admin without their knowledge. Thus the hacker might gain full access to the website’s administration.