CVE-2026-9282

BoldGrid · W3 Total Cache

The W3 Total Cache plugin for WordPress is vulnerable to path traversal, allowing unauthenticated attackers to read sensitive files via improper input validation in the Minify component.

Executive summary

A directory traversal vulnerability in the W3 Total Cache plugin for WordPress allows unauthenticated attackers to access sensitive system files, posing a high risk of information disclosure.

Vulnerability

This is a path traversal vulnerability (CWE-22) residing in the plugin's Minify component. An unauthenticated attacker can exploit this flaw by sending specially crafted requests to read arbitrary files from the underlying server filesystem.

Business impact

Successful exploitation allows an unauthorized party to read critical configuration files, potentially including database credentials or environmental variables. Given the CVSS score of 7.5, this high-severity flaw can facilitate further unauthorized access or complete system compromise. Organizations relying on this plugin for performance optimization are at immediate risk of sensitive data exposure.

Remediation

Immediate Action: Update the W3 Total Cache plugin to a version beyond 2.9.4 immediately. If an update is not currently available from the vendor, disable the plugin until a secure version is confirmed.

Proactive Monitoring: Review server access logs for anomalous GET requests containing directory traversal sequences such as "../" directed at the Minify component endpoints.

Compensating Controls: Implement a Web Application Firewall (WAF) rule to block directory traversal patterns and restrict access to the plugin's directory paths.

Exploitation status

Public Exploit Available: false

Analyst recommendation

The severity of this vulnerability necessitates immediate attention. Administrators must prioritize updating the W3 Total Cache plugin across all WordPress instances to prevent unauthorized file access and potential system compromise.