Skip to content

Flaw in W3 Total Cache plugin leaves one million websites at risk

  • by
  • 2 min read

A critical vulnerability in the popular W3 Total Cache plugin, tracked as CVE-2024-12365, has placed more than one million WordPress sites at risk, enabling attackers to access sensitive information, including metadata, from cloud-based applications.

The W3 Total Cache plugin, renowned for enhancing website performance through various caching techniques, is widely used to improve page load times and bolster SEO rankings.

The vulnerability stems from a missing capability check in the plugin’s ‘is_w3rc_admin_page’ function. This flaw is present in all plugin versions up to the most recent patch, version 2.8.2. An attacker exploiting this vulnerability must be authenticated and possess at least subscriber-level access- a relatively easy condition to meet.

“This makes it possible for authenticated attackers, with Subscriber-level access and above, to obtain the plugin’s nonce value and perform unauthorized actions, resulting in information disclosure, service plan limits consumption as well as making web requests to arbitrary locations originating from the web application that can be used to query information from internal services, including instance metadata on cloud-based applications,” researchers note.

Thus, the primary risks associated with CVE-2024-12365 include:

  • Server-side request forgery (SSRF): Attackers can execute web requests that might expose sensitive data, such as metadata on cloud-hosted applications.
  • Information disclosure: Unauthorised access to sensitive website information.
  • Service abuse: Attackers could deplete caching service limits, leading to degraded site performance and potentially higher operational costs.

Cybercriminals exploiting this flaw could use the compromised website infrastructure to proxy requests to other services, paving the way for more extensive attacks. By leveraging the disclosed information, attackers can target additional vulnerabilities, escalating the potential damage.

As per BleepingComputer, despite the release of a patched version (2.8.2) by the plugin’s developers, only an estimated 150,000 websites have updated to the latest version.

Experts emphasise the importance of maintaining a minimal and essential set of plugins to reduce vulnerabilities. Regular audits of website infrastructure and adherence to best practices, such as timely updates and robust security measures, can significantly diminish cybersecurity risks.

In the News: Apple Store app launches in India

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

>