WordPress Plugin Vulnerabilities

W3 Total Cache < 0.9.5 - Weak Validation of Amazon SNS Push Messages

Description

The W3 Total Cache WordPress plugin was affected by a Weak Validation of Amazon SNS Push Messages security vulnerability.

Affects Plugins

Plugin icon
w3-total-cache
Fixed in 0.9.5

References

URL
https://sumofpwn.nl/advisory/2016/weak_validation_of_amazon_sns_push_messages_in_w3_total_cache_wordpress_plugin.html
URL
https://seclists.org/fulldisclosure/2016/Nov/61

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
70c644e0-3d60-4f97-bdbb-39b5cec25c7f

Timeline

Publicly Published
2016-11-10 (about 9 years ago)
Added
2016-11-14 (about 9 years ago)
Last Updated
2026-04-13 (about 1 month ago)

Other

Published
Title
Published
2020-01-08
Title
Minimal Coming Soon & Maintenance Mode < 2.15 - Insecure Permissions: Enable and Disable Maintenance Mode
Published
2022-04-07
Title
SiteGround Security < 1.2.6 - Authentication Bypass via 2-FA Authentication Setup
Published
2022-05-17
Title
iQ Block Country < 1.2.20 - Protection Bypass due to IP Spoofing
Published
2024-01-31
Title
BookIt <= 2.4.0 - Price Bypass
Published
2019-04-11
Title
YellowPencil Visual CSS Style Editor <= 7.2.0 - Unauthenticated Arbitrary Options Updates