Bleeping Computer

W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks

A severe flaw in the W3 Total Cache plugin installed on more than one million WordPress sites could give attackers access to various information, including metadata on cloud-based apps. The W3 Total ...
Hosted on MSN

Over a million WordPress sites exposed to attack from W3 Total Cache plugin flaw

Vulnerability was discovered in W3 Total Cache WordPress plugin, allowing for data exposure, and more It affects all versions up to 2.8.2, which was released in response Hundreds of thousands of ...
TechRadar

WordPress plugin with over a million installs may have a worrying security flaw - here's what we know

W3 Total Cache plugin flaw CVE-2025-9501 enables unauthenticated PHP command injection Affects all versions before 2.8.13; ~327,000+ sites remain at risk WPScan PoC exploit set for Nov 24, raising ...