Showing posts with label Word Press W3 Total Cache Vulnerability. Show all posts
Showing posts with label Word Press W3 Total Cache Vulnerability. Show all posts

Saturday, 29 December 2012

The new Wordpress Vuln and How to find its victims

A sample of the loot from the W3 Total Cache vuln
So an interesting little misconfiguration has reared its ugly head in some WordPress sites.The vulnerability effects all WordPress sites that make use of a plugin called "W3 Total Cache"---you can get it here---. 

In this post I'm going to discuss exactly what the vulnerability is and why its bad news and then I'll quickly discuss how to find some loot and show you some of the awesome loot you can dig out with something like this. Enjoy!