Vulnerabilities > CVE-2019-6715 - Unspecified vulnerability in Boldgrid W3 Total Cache

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

boldgrid

NVD

Published: 2019-04-01

Updated: 2023-05-26

Summary

pub/sns.php in the W3 Total Cache plugin before 0.9.4 for WordPress allows remote attackers to read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data.

Vulnerable Configurations

Part	Description	Count
Application	Boldgrid Boldgrid W3 Total Cache *	1

References

https://vinhjaxt.github.io/2019/03/cve-2019-6715
http://packetstormsecurity.com/files/160674/WordPress-W3-Total-Cache-0.9.3-File-Read-Directory-Traversal.html