+- Sinisterly (https://sinister.ly)
+-- Forum: General (https://sinister.ly/Forum-General)
+--- Forum: World News (https://sinister.ly/Forum-World-News)
+--- Thread: RSS_BOT WordPress plugin W3 Total Cache critical Vulnerability disclosed (/Thread-RSS-BOT-WordPress-plugin-W3-Total-Cache-critical-Vulnerability-disclosed--46084)
RSS_BOT WordPress plugin W3 Total Cache critical Vulnerability disclosed - 1llusion - 12-27-2012
WordPress plugin W3 Total Cache critical Vulnerability disclosed
One of the most popular Wordpress Plugin called "W3 Total Cache" which is used to Improve site performance and user experience via caching, having potential vulnerability. On Christmas day, someone disclose it on full-disclosure site that how a plugin misconfiguration leads to possible Wordpress cms hack.
The loophole is actually activated on the fact that how W3TC stores the database cache.
http://feedproxy.google.com/~r/TheHackersNews/~3/4kf9wXVPeKM/wordpress-plugin-w3-total-cache_26.html