cleantalk
Vulnerabilities and Security Researches

W3 Total Cache, 7f3b8aa7e2f030804e7f93da0c1085499f696a4b

CVE, Research URL

7f3b8aa7e2f030804e7f93da0c1085499f696a4b

Home page URL

Security reports for W3 Total Cache

Application

W3 Total Cache

Published on
May 07, 2019
Research Description
W3 Total Cache [w3-total-cache] < 0.9.7.4 W3 Total Cache <= 0.9.7.3 - Improper Input Validation via openssl_verify W3 Total Cache in versions 0.5 up to 0.9.7.3 does not sufficiently validate the "openssl_verify" result in "/services/MessageValidator/MessageValidator.php". A remote attacker can create a specially crafted certificate and bypass cryptographic checks.
Affected versions
max 0.9.7.4.
Status
vulnerable
Previous vulnerability researches
W3 Total Cache (CVE-2026-39595) , Jun 19, 2026
W3 Total Cache (CVE-2024-12365) , Jan 14, 2025
W3 Total Cache (CVE-2024-12006) , Jan 14, 2025
W3 Total Cache (CVE-2024-12008) , Jan 14, 2025
W3 Total Cache (91816c620bff939df0db1b9923ab56362614d8ff) , Jun 16, 2026
New vulnerability
CF7 to Webhook (CVE-2026-11395) , Jun 19, 2026
W3 Total Cache (CVE-2026-39595) , Jun 19, 2026
Advanced Ads – Ad Manager &amp; AdSense (CVE-2026-54816) , Jun 19, 2026
Advanced Order Export For WooCommerce (CVE-2026-11360) , Jun 19, 2026
WP Activity Log (CVE-2026-54806) , Jun 18, 2026