A serious flaw in the W3 Total Cache plugin that’s used on over a million WordPress sites could let attackers steal various types of info, including metadata from cloud apps.
Improve Loading Times and SEO with Caching Solutions
This plugin works by using different caching methods to speed up websites, cut down loading times, and improve SEO performance overall.
The issue is tracked as CVE-2024-12365. Even though the developer has rolled out a fix in the newest version, many sites haven’t updated yet.
Critical Security Issue in Plugin’s is_w3tc_admin_page Function
Wordfence points out that the problem comes from a lack of checks in the ‘is_w3tc_admin_page’ function in all versions including the latest one, 2.8.2. This opens the door for attackers to access the plugin’s security nonce value and perform unauthorized tasks.
If an attacker has at least subscriber-level access, which isn’t hard to get, they can exploit this vulnerability.
Plugins are what make WordPress great, but they can also be a source of vulnerabilities if not properly managed.
Here are the main risks tied to CVE-2024-12365:
- Server-Side Request Forgery (SSRF), which means making web requests that could expose sensitive info, like metadata in cloud apps.
- Information disclosure.
- Misusing services by going over cache service limits, which could hurt website performance and run up costs.
Website Vulnerability: Attackers Utilize Infrastructure for Attacks
In real-world terms, this vulnerability lets attackers use the website’s infrastructure to route requests elsewhere and use that data for further attacks.
If you’re affected, it’s crucial to upgrade to version 2.8.2 of W3 Total Cache as it fixes this flaw.
According to download stats from wordpress.org, about 150,000 sites have updated since the latest version launched, which means many WordPress sites still remain at risk.
Generally, it’s a good idea for website owners to limit the number of plugins they install and get rid of any that aren’t necessary.
Also, having a web application firewall could help because it can catch and block attempts to exploit these vulnerabilities.
