Arbitrary File Read Vulnerability in W3 Total Cache Plugin
CVE-2019-6715 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
pub/sns.php in the W3 Total Cache plugin before 0.9.4 for WordPress allows remote attackers to read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data.
Learn more about our Wordpress Pen Testing.