WordPress sites are prone to attacks due to a W3 Total Cache flaw

February 7, 2025

A critical vulnerability in the W3 Total Cache plugin employed by millions of WordPress sites can allegedly allow threat actors to access various information, including metadata, on cloud-based apps.

The vulnerable plugin is a solution that optimises a website’s speed, reduces load times, and improves a page’s overall SEO rating. The flaw in question is tracked as CVE-2024-12365, which the developers say they have already addressed.

The plugin’s most recent version contains the fix, but hundreds of thousands of websites have yet to install it.

The W3 Total Cache flaw is due to a missing capability check in one of its functions.

According to investigations, the W3 Total Cache flaw is caused by a missing capability check in the plugin’s ‘is_w3tc_admin_page’ function, which is present in all versions. The missing check exposes the plugin’s security nonce value, allowing unauthorised users to execute various actions.

Threat actors can exploit the vulnerability if they are authenticated with at least subscriber-level privileges, a low bar on most sites. Additionally, the researchers confirmed that the risks posed by CVE-2024-12365 include Server-Side Request Forgery (SSRF), in which the server is made to issue web requests that may reveal sensitive data, as well as information leaks and service abuse.

In real-world terms, attackers could use the website’s infrastructure to proxy requests to other services and then use the information obtained to launch additional attacks.
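To illustrate the class of bug described above, here is a constructed WordPress plugin fragment (added for this article; it is not W3 Total Cache’s code, and every `demo_*` name is hypothetical). It places the weak admin-page check, which gates the nonce only on the request rather than on the user’s capability, beside a hardened version, and shows a handler that treats the nonce as a CSRF token rather than as authorization and uses WordPress’s own URL validation to avoid fetching internal addresses.

```php
<?php
// Constructed illustration, not the plugin's real code. A plugin decides
// whether to emit its AJAX nonce into the admin page based on this check.

// Weak pattern: asks "does this look like our admin page?" but never asks
// "may this user administer the plugin?". Any logged-in user, a subscriber
// included, reaches the branch that prints the nonce.
function demo_is_admin_page_weak() {
	return isset( $_GET['page'] ) && 'demo-plugin' === $_GET['page'];
}

// Hardened pattern: require the capability that actually gates plugin
// administration before anything else is considered.
function demo_is_admin_page_hardened() {
	if ( ! current_user_can( 'manage_options' ) ) {
		return false;
	}
	return isset( $_GET['page'] ) && 'demo-plugin' === $_GET['page'];
}

// The nonce is only rendered when the hardened check passes.
function demo_print_nonce() {
	if ( demo_is_admin_page_hardened() ) {
		wp_nonce_field( 'demo_action', 'demo_nonce' );
	}
}
add_action( 'admin_footer', 'demo_print_nonce' );

// Server side: a nonce is a CSRF token, not an authorization check, so the
// handler verifies the nonce AND the capability. The outbound fetch uses
// wp_http_validate_url() and wp_safe_remote_get(), which reject loopback,
// private and otherwise unsafe hosts, limiting SSRF even if the nonce leaks.
function demo_ajax_handler() {
	check_ajax_referer( 'demo_action', 'demo_nonce' );
	if ( ! current_user_can( 'manage_options' ) ) {
		wp_send_json_error( 'forbidden', 403 );
	}
	$url = isset( $_POST['url'] ) ? esc_url_raw( wp_unslash( $_POST['url'] ) ) : '';
	if ( ! wp_http_validate_url( $url ) ) {
		wp_send_json_error( 'invalid url', 400 );
	}
	$response = wp_safe_remote_get( $url );
	if ( is_wp_error( $response ) ) {
		wp_send_json_error( $response->get_error_message(), 502 );
	}
	wp_send_json_success( wp_remote_retrieve_response_code( $response ) );
}
add_action( 'wp_ajax_demo_action', 'demo_ajax_handler' );
```

Reviewers auditing a plugin can grep for admin-page and AJAX entry points and confirm each one calls `current_user_can()` independently of any nonce check.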

Potentially affected users are advised to update the plugin to the most recent version, W3 Total Cache version 2.8.2, which fixes the vulnerability.

A recent tally shows that approximately 150,000 websites installed the plugin after the developer released the most recent update, meaning hundreds of thousands of WordPress sites remain exposed.

Website owners should generally avoid installing too many plugins and remove unnecessary software. A web application firewall may also be helpful because it can detect and prevent exploitation.

Lastly, owners and admins who have yet to adopt the latest patch should apply it immediately, before attackers attempt to exploit the new bug.
