Arbitrary File Read Vulnerability in W3 Total Cache Plugin

Arbitrary File Read Vulnerability in W3 Total Cache Plugin

CVE-2019-6715 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

pub/sns.php in the W3 Total Cache plugin before 0.9.4 for WordPress allows remote attackers to read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data.

Learn more about our Wordpress Pen Testing.