First published: Wed Feb 12 2020(Updated: )
WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Automattic Wp Super Cache | <=1.2 | |
Boldgrid W3 Total Cache | <=0.9.2.8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2013-2010 is critical.
CVE-2013-2010 allows remote attackers to execute PHP code on websites using WordPress W3 Total Cache Plugin 0.9.2.8.
WordPress W3 Total Cache Plugin 0.9.2.8 and earlier versions are affected by CVE-2013-2010.
Yes, there are known exploits for CVE-2013-2010. You can find more information about them in the provided references.
To mitigate the risks associated with CVE-2013-2010, update WordPress W3 Total Cache Plugin to a version that is not vulnerable to the remote PHP code execution vulnerability.