Serious and urgent vulnerability in W3 Total Cache

Today a serious vulnerability was detected in the famous W3 Total Cache plugin which may compromise the security of your website

To make matters worse it turns out that the plugin has not been updated for more than 6 months and without even giving premium support, something unacceptable in such an important plugin, with millions of active users. [19659003] The vulnerability detected, according to explained in Zerial has a vulnerability of type XSS (Cross-Site Scripting) that allows to obtain administrator credentials.

To be able to exploit the vulnerability the administrator or a user with enough permissions must have an active session, the problem is in the "Support" section. When generating a support ticket, the system displays a form in which it assigns an "ID" as a hidden field. This value can be overwritten by setting the value via GET.

In this way, it is possible to exploit the vulnerability by injecting a payload of type "> .

 w3totalcache_xss-vulnerability "width =" 838 "height =" 446 "srcset =" https://ayudawp.com/wp-content/uploads/2016/09/w3totalcache_xss-vulnerability-840x447.png 840w, https: // ayudawp.com/wp-content/uploads/2016/09/w3totalcache_xss-vulnerabilidad-550x292.png 550w, https://ayudawp.com/wp-content/uploads/2016/09/w3totalcache_xss-vulnerabilidad-768x408.png 768w, https://ayudawp.com/wp-content/uploads/2016/09/w3totalcache_xss-vulnerabilidad.png 882w "sizes =" (max-width: 838px) 100vw, 838px "/> </p>
</p>
<h2><span id= Solutions to the vulnerability of W3 Total Cache

If you can do without the W3 Total Cache plugin I recommend you use another plugin that offers similar features For example, if you are hosted on SiteGround you can use 9022] SuperCacher which manages static cache, dynamic and memcached in a single click.

What you should not be leave your web without cache never.

] And if you do not want to stop using W3 Total Cache then it is urgent that you apply this guide to solve the problem as long as there is not a plugin update that solves the serious security problems:

  1. First of all do a backup of your WordPress .
  2. Save the W3 Total Cache settings and export the settings from the general plugin settings
  3. You can now deactivate your W3 Total Cache plugins administration page, but without deleting it or clicking on the uninstall link of the plugin.
  4. Now access the files of your WordPress installation and rename from cPanel or FTP to the folder wp-total- cache and change the name, for example to wp-total -cache-off Do not erase the folder, just rename it or WordPress will show all kinds of object cache, configuration and dependent plugins or Dropins errors. But mainly because for the next steps we need to continue there.
  5. Now you must download the version or fork created by M. Asif Rahman which solves the problem of W3 Total Cache and save it to your computer:
    Github: https://github.com/Asif2BD/W3-Total-Cache-Reloaded
    Direct download : https://github.com/Asif2BD/W3-Total-Cache-Reloaded/releases/download/0.9.4.5.2.1/w3-total-cache.zip
  6. Go back to your desktop WordPress, go to the page to add plugins and choose to upload new plugin.
  7. Locate the file recently downloaded from Github wp-total-cache.zip, upload and activate it.
  8. With the plugin already active visit the performance tab (Performance) and we will make some adjustments (see one by one):
    1. Go to Performance -> General Settings, check all settings and save.
    2. Go to Performance -> Dashboard, clear the cache.
  9. Go back to your site and see if everything is fine, and if you're sure, of course.

Summing up

Run! One of two, either you use another cache plugin or apply the patch as soon as possible. This type of vulnerabilities are exploited quickly, because they affect millions of users and there will always be some bastard willing to take advantage of it.

I recommend you look for another plugin, especially due to the lack of updates and support by W3 Total Cache

Note : On September 26 the plugin was updated after months without new features (finally) to correct the vulnerability: https://es.wordpress.org/plugins/w3-total -cache / changelog /

Loading …

may also help you: