CVE-2024-12365

Name of the Vulnerable Software and Affected Versions W3 Total Cache plugin for WordPress versions up to, and including, 2.8.1

Description The W3 Total Cache plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the is w3tc admin page function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to obtain the plugin's nonce value and perform unauthorized actions, resulting in information disclosure, service plan limits consumption, as well as making web requests to arbitrary locations originating from the web application that can be used to query information from internal services, including instance metadata on cloud-based applications. It is estimated that over 1 million WordPress sites are exposed to attacks, risking unauthorized access to sensitive information.

Recommendations For W3 Total Cache plugin for WordPress versions up to, and including, 2.8.1: Update to the latest version of the plugin to protect your website from unauthorized data access and potential performance degradation. As a temporary workaround, consider disabling the is w3tc admin page function until a patch is available. Restrict access to the plugin's nonce value to minimize the risk of exploitation. Avoid using the plugin until the issue is resolved.