W3 Total Cache Implementation Vulnerability | Sucuri Blog

Just in time for Christmas, a security (configuration/implementation) bug in W3 Total Cache (W3TC), one of the most popular WordPress plugins, was announced on the Full Disclosure list.

The issue is connected to the way W3TC stores the database cache: in a publicly accessible directory. It can be used to retrieve password hashes and other database information.

By default the plugin stores its caches inside /wp-content/w3tc/dbcache/, and if directory listing is enabled, anyone can browse to yoursite.com/wp-content/w3tc/dbcache/ and download them. The second issue is that even with directory listing disabled, it is still possible to guess those directory and file names in order to extract the cached database queries and results.
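A site owner's self-check for the exposure described above, added here as an example; it is not Sucuri's or the plugin's code. It assumes only the default cache path named in the post (/wp-content/w3tc/dbcache/) and that a server with directory listing enabled answers with a standard auto-index page whose title starts with "Index of". The classification logic is kept in a pure function so it can be tested without a network; the HTTP fetch is a thin wrapper around it.

```python
"""Self-check: is the W3TC database cache directory reachable over HTTP?

Added example for this post (not Sucuri's or W3TC's code). Assumes the
default dbcache path from the post and a conventional Apache/nginx
auto-index page ("Index of ...") when directory listing is on. Run it
against a site you administer.
"""
import sys
import urllib.error
import urllib.request

# Default cache location named in the post.
DBCACHE_PATH = "/wp-content/w3tc/dbcache/"


def classify_response(status, body):
    """Map an HTTP status and response body to a finding.

    Returns one of:
      "listing"   - directory listing is enabled; the cache is browsable
      "reachable" - 200 without an index page; files inside may still be
                    fetchable by name, so look at it by hand
      "blocked"   - 403 (access denied) or 404 (path absent; the plugin
                    may not be installed or the cache is elsewhere)
      "other"     - redirects, 5xx, etc.; worth a manual look
    """
    if status == 200:
        if "<title>Index of" in body or "Index of /" in body:
            return "listing"
        return "reachable"
    if status in (403, 404):
        return "blocked"
    return "other"


def fetch(url, timeout=10):
    """GET url and return (status, body_text); HTTP errors are returned as statuses, not raised."""
    req = urllib.request.Request(url, headers={"User-Agent": "w3tc-dbcache-selfcheck"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read(65536).decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read(65536).decode("utf-8", "replace")


def check_site(base_url):
    """Return the finding for base_url's dbcache directory (only the directory is requested)."""
    status, body = fetch(base_url.rstrip("/") + DBCACHE_PATH)
    return classify_response(status, body)


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: python w3tc_dbcache_check.py https://yoursite.example")
    print(check_site(sys.argv[1]))
```

Anything other than "blocked" deserves attention: turn directory listing off (`Options -Indexes` in Apache) and deny HTTP access to the wp-content/w3tc/dbcache/ directory in the web server configuration, so the cache files are readable only by PHP on the server, not by the browser.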

Full article at W3 Total Cache Implementation Vulnerability | Sucuri Blog.

Published by

Suzette Franck

Suzette Franck has been in web development for over twenty years; she started making hand-coded HTML websites on GeoCities with font tags and tables back in 1995. Since then, she has taught herself CSS, Sass, PHP, MySQL, as well as becoming a WordPress expert; evangelizing and presenting at over twenty-two WordCamps across the country and multiple WordPress meetups in Southern California where she resides, about all aspects of building and maintaining sites on WordPress. Suzette is passionate about WordPress the application as well as the WordPress Open Source Community, and loves to code and teach others the wonders of WordPress. She is a purveyor of lowbrow art, and when she is not WordPressing, she is painting or visiting Los Angeles art galleries to add more work to her growing art collection.
