EIP-2026-114181

PRE-CVE

WordPress Plugin W3 Total Cache - Unauthenticated Arbitrary File Read (Metasploit)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-114181. PoCs published by SunCSR Team.

AI-analyzed exploit summary This Metasploit module exploits an unauthenticated directory traversal vulnerability in the WordPress W3 Total Cache plugin (versions 0.9.2.6 to 0.9.3) to read arbitrary files with web server privileges. It sends a crafted JSON payload via a PUT request to trigger the vulnerability.

Description

WordPress Plugin W3 Total Cache - Unauthenticated Arbitrary File Read (Metasploit)

Exploits (1)

exploitdb WORKING POC VERIFIED

by SunCSR Team · rubywebappsphp

https://www.exploit-db.com/exploits/49317

View Code ZIP pw:eip

This Metasploit module exploits an unauthenticated directory traversal vulnerability in the WordPress W3 Total Cache plugin (versions 0.9.2.6 to 0.9.3) to read arbitrary files with web server privileges. It sends a crafted JSON payload via a PUT request to trigger the vulnerability.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: WordPress W3 Total Cache plugin versions 0.9.2.6-0.9.3

No auth needed

Prerequisites: Target must have the vulnerable W3 Total Cache plugin installed and accessible

MITRE ATT&CK

T1005 - Data from Local System T1083 - File and Directory Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026