W3 Total Cache Missing Capability Check Vulnerability Allowing Unauthenticated Plugin Deactivation and Extensions Management

Vulnerability

A missing-authorization flaw exists in the W3 Total Cache plugin for WordPress, affecting all versions up to and including 2.8.1. Several functions that deactivate the main plugin, or activate and deactivate its extensions, perform no capability check before acting, so these operations can be triggered by unauthenticated users rather than only by administrators.

Impact

Exploitation lets an anonymous attacker deactivate W3 Total Cache, removing its page, object and database caching in a single request, and activate or deactivate its extensions at will. The consequences fall on availability and on the integrity of site configuration rather than on confidentiality: a site that relies on the cache to absorb traffic is pushed back to uncached origin load, and extension toggles change site behaviour without any administrator involvement. Because no session is required, the action can be repeated as often as the attacker likes.

Reproduction

The affected code paths are reached through WordPress admin entry points that are also served to visitors who are not logged in. Because those paths perform no capability check, a request carrying the plugin's action parameters is processed regardless of who sent it, and the result is the deactivation of W3 Total Cache or the activation or deactivation of one of its extensions. The request can be crafted by hand or issued by a vulnerability scanner or a short script. To confirm the condition on a site you are authorized to test, send the request from a session with no WordPress cookies and then check whether the plugin's activation state or its extension list changed; an install running the patched release rejects the request.
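The missing-authorization pattern described in the Vulnerability and Reproduction sections, shown as an added illustrative example in PHP. This is not W3 Total Cache's code; the plugin slug `example-cache`, the option name `examplecache_extensions`, the hook suffix `examplecache_manage` and the request parameters are invented for illustration. The first handler relies on `is_admin()` and a request parameter and so is reachable anonymously; the second registers only the logged-in `admin_post_{action}` hook, requires a capability, and verifies a nonce.

```php
<?php
/**
 * Added illustrative example, not W3 Total Cache code. The plugin slug
 * "example-cache", option name, hook suffix and request parameters are
 * hypothetical.
 */

// ---------------------------------------------------------------------------
// Vulnerable pattern: a state-changing handler hooked to admin_init.
//
// admin_init also fires for requests to wp-admin/admin-ajax.php and
// wp-admin/admin-post.php, both of which WordPress serves to anonymous
// visitors, and is_admin() returns true for those requests. Nothing here asks
// who the caller is, so any unauthenticated request carrying the parameters
// reaches deactivate_plugins() or rewrites the extension list.
// ---------------------------------------------------------------------------
function examplecache_handle_action_vulnerable() {
    if ( ! is_admin() || empty( $_REQUEST['examplecache_action'] ) ) {
        return;
    }

    $action    = sanitize_key( $_REQUEST['examplecache_action'] );
    $extension = sanitize_key( $_REQUEST['extension'] ?? '' );
    $enabled   = (array) get_option( 'examplecache_extensions', array() );

    switch ( $action ) {
        case 'activate_extension':
            $enabled[ $extension ] = true;
            update_option( 'examplecache_extensions', $enabled );
            break;
        case 'deactivate_extension':
            unset( $enabled[ $extension ] );
            update_option( 'examplecache_extensions', $enabled );
            break;
        case 'deactivate_plugin':
            deactivate_plugins( plugin_basename( __FILE__ ) );
            break;
    }
}
add_action( 'admin_init', 'examplecache_handle_action_vulnerable' );

// ---------------------------------------------------------------------------
// Hardened pattern.
//
// 1. Hook admin_post_{action}, which WordPress invokes only for logged-in
//    users; the admin_post_nopriv_{action} variant is deliberately not added.
// 2. Require the capability that matches the operation ('activate_plugins' is
//    what WordPress itself requires on the Plugins screen).
// 3. Verify a nonce bound to the specific action and target, so a logged-in
//    administrator cannot be made to issue the request from a third-party
//    page (CSRF). check_admin_referer() calls wp_die() on failure.
// ---------------------------------------------------------------------------
function examplecache_handle_action_hardened() {
    if ( ! current_user_can( 'activate_plugins' ) ) {
        wp_die( esc_html__( 'You are not allowed to manage this plugin.', 'example-cache' ), 403 );
    }

    $action    = sanitize_key( $_POST['examplecache_action'] ?? '' );
    $extension = sanitize_key( $_POST['extension'] ?? '' );
    check_admin_referer( "examplecache_{$action}_{$extension}" );

    $enabled = (array) get_option( 'examplecache_extensions', array() );

    switch ( $action ) {
        case 'activate_extension':
            $enabled[ $extension ] = true;
            update_option( 'examplecache_extensions', $enabled );
            break;
        case 'deactivate_extension':
            unset( $enabled[ $extension ] );
            update_option( 'examplecache_extensions', $enabled );
            break;
        case 'deactivate_plugin':
            deactivate_plugins( plugin_basename( __FILE__ ) );
            break;
        default:
            wp_die( esc_html__( 'Unknown action.', 'example-cache' ), 400 );
    }

    wp_safe_redirect( admin_url( 'options-general.php?page=example-cache' ) );
    exit;
}
add_action( 'admin_post_examplecache_manage', 'examplecache_handle_action_hardened' );

// The matching form on the plugin's settings page. action=examplecache_manage
// selects the admin_post_ hook above; wp_nonce_field() emits the token that
// check_admin_referer() later verifies.
function examplecache_render_toggle_form( $action, $extension ) {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="examplecache_manage" />
        <input type="hidden" name="examplecache_action" value="<?php echo esc_attr( $action ); ?>" />
        <input type="hidden" name="extension" value="<?php echo esc_attr( $extension ); ?>" />
        <?php wp_nonce_field( "examplecache_{$action}_{$extension}" ); ?>
        <?php submit_button( ucwords( str_replace( '_', ' ', $action ) ), 'secondary', 'submit', false ); ?>
    </form>
    <?php
}
```

When reviewing a plugin for this class of bug, list every handler attached to `init`, `admin_init`, `wp_ajax_nopriv_*` or `admin_post_nopriv_*` and confirm that each one calls `current_user_can()` with an appropriate capability before any state change; `is_admin()` and the presence of a nonce are not substitutes, since the first says nothing about the user and the second only defends against CSRF.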

Remediation

Update W3 Total Cache to version 2.8.2 or later, where the missing checks have been added. After updating, confirm that the plugin is still active and that the expected extensions are enabled, since an attacker who exploited the issue beforehand would have left them disabled; an unexplained plugin deactivation in the plugin list or in an audit log that records such events is the indicator to look for.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread          0.0
impact          2.5
exploitability  8.4
remediation     7.7
relevance       0.0
threat          4.9
urgency         2.9
incentive       5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.