CVE-2019-6715

HIGH NUCLEI

W3 Total Cache <0.9.4 - Info Disclosure

Title source: llm

Description

pub/sns.php in the W3 Total Cache plugin before 0.9.4 for WordPress allows remote attackers to read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data.

Exploits (2)

nomisec WORKING POC 11 stars

by random-robbie · poc

https://github.com/random-robbie/cve-2019-6715

View Code ZIP pw:eip

nomisec WORKING POC

by spyata123 · poc

https://github.com/spyata123/W3TotalChache

View Code ZIP pw:eip

Nuclei Templates (1)

W3 Total Cache 0.9.2.6-0.9.3 - Unauthenticated File Read / Directory Traversal

HIGHby randomrobbie

References (2)

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/160674/WordPress-W3-Total-Cache-0.9.3-File-Read-Directory-Traversal.html

[Exploit, Third Party Advisory] https://vinhjaxt.github.io/2019/03/cve-2019-6715

Scores

CVSS v3 7.5

EPSS 0.9080

EPSS Percentile 99.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

Status published

Products (1)

boldgrid/w3_total_cache < 0.9.4

Published Apr 01, 2019

Tracked Since Feb 18, 2026