W3 Total Cache WordPress plugin vulnerable to PHP command injection
From BleepingComputer to All on Wed Nov 19 13:15:26 2025
A critical flaw in the W3 Total Cache (W3TC) WordPress plugin can be exploited to run PHP commands on the server by posting a comment that contains a malicious payload. [...]