{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27384", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-02-19T09:51:58.587Z", "datePublished": "2026-03-05T05:53:58.537Z", "dateUpdated": "2026-04-29T09:51:57.156Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "w3-total-cache", "product": "W3 Total Cache", "vendor": "BoldGrid", "versions": [{"changes": [{"at": "2.9.2", "status": "unaffected"}], "lessThanOrEqual": "2.9.1", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "CODE WHITE GmbH | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:05:30.248Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Validation of Specified Quantity in Input vulnerability in BoldGrid W3 Total Cache w3-total-cache allows Accessing Functionality Not Properly Constrained by ACLs.<p>This issue affects W3 Total Cache: from n/a through <= 2.9.1.</p>"}], "value": "Improper Validation of Specified Quantity in Input vulnerability in BoldGrid W3 Total Cache w3-total-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects W3 Total Cache: from n/a through <= 2.9.1."}], "impacts": [{"capecId": "CAPEC-1", "descriptions": [{"lang": "en", "value": "Accessing Functionality Not Properly Constrained by ACLs"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1284", "description": "Improper Validation of Specified Quantity in Input", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-29T09:51:57.156Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/w3-total-cache/vulnerability/wordpress-w3-total-cache-plugin-2-9-1-arbitrary-code-execution-vulnerability?_s_id=cve"}], "title": "WordPress W3 Total Cache plugin <= 2.9.1 - Arbitrary Code Execution vulnerability"}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-09T15:46:23.320040Z", "id": "CVE-2026-27384", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T15:46:46.900Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-27384", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-09T15:46:23.320040Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T15:45:43.218Z"}}], "cna": {"title": "WordPress W3 Total Cache plugin <= 2.9.1 - Arbitrary Code Execution vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "CODE WHITE GmbH | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-1", "descriptions": [{"lang": "en", "value": "Accessing Functionality Not Properly Constrained by ACLs"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "BoldGrid", "product": "W3 Total Cache", "versions": [{"status": "affected", "changes": [{"at": "2.9.2", "status": "unaffected"}], "version": "0", "versionType": "custom", "lessThanOrEqual": "2.9.1"}], "packageName": "w3-total-cache", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-04-01T16:05:30.248Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/w3-total-cache/vulnerability/wordpress-w3-total-cache-plugin-2-9-1-arbitrary-code-execution-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Improper Validation of Specified Quantity in Input vulnerability in BoldGrid W3 Total Cache w3-total-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects W3 Total Cache: from n/a through <= 2.9.1.", "supportingMedia": [{"type": "text/html", "value": "Improper Validation of Specified Quantity in Input vulnerability in BoldGrid W3 Total Cache w3-total-cache allows Accessing Functionality Not Properly Constrained by ACLs.<p>This issue affects W3 Total Cache: from n/a through <= 2.9.1.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1284", "description": "Improper Validation of Specified Quantity in Input"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-29T09:51:57.156Z"}}}, "cveMetadata": {"cveId": "CVE-2026-27384", "state": "PUBLISHED", "dateUpdated": "2026-04-29T09:51:57.156Z", "dateReserved": "2026-02-19T09:51:58.587Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-03-05T05:53:58.537Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Validation of Specified Quantity in Input vulnerability in BoldGrid W3 Total Cache w3-total-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects W3 Total Cache: from n/a through <= 2.9.1."}, {"lang": "es", "value": "Vulnerabilidad de Validaci\u00f3n Incorrecta de Cantidad Especificada en la Entrada en BoldGrid W3 Total Cache w3-total-cache permite Acceder a Funcionalidad No Restringida Adecuadamente por ACLs. Este problema afecta a W3 Total Cache: desde n/a hasta &lt;= 2.9.1."}], "id": "CVE-2026-27384", "lastModified": "2026-04-22T21:26:58.303", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 6.0, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-05T06:16:27.840", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/w3-total-cache/vulnerability/wordpress-w3-total-cache-plugin-2-9-1-arbitrary-code-execution-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1284"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.9.1]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "W3 Total Cache", "source": "cna", "vendor": "BoldGrid"}, "product": "w3_total_cache", "vendor": "boldgrid"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-15T23:32:29.342030+00:00", "value": {"mitigation_remediation": ["Upgrade to the latest version of the W3 Total Cache plugin (\u2265\u202f2.9.2) where the quantity input is properly validated and ACL checks are enforced.", "If an upgrade is not immediately feasible, remove or deactivate the plugin to eliminate the path for exploitation.", "As a temporary measure, restrict administrator privileges in WordPress so that only trusted staff can access the plugin\u2019s settings, thereby reducing the window of opportunity for an attacker."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The affected product is BoldGrid\u2019s W3 Total Cache WordPress plugin. All releases from the earliest available version up to and including 2.9.1 are susceptible. Users running any of these versions on their WordPress sites expose themselves to this issue.", "description_and_impact": "This vulnerability arises from improper validation of the quantity input in the BoldGrid W3 Total Cache plugin, enabling attackers to invoke functionality that should be protected by access control lists. Because the plugin processes the quantity parameter without adequate checks, an attacker can execute arbitrary code on the server, effectively compromising the entire WordPress installation. The flaw directly undermines the integrity and confidentiality of the host, allowing full system compromise if exploited. The weakness is a classic example of unauthorized modification of software, as categorized by CWE-1284.", "risk_and_exploitability": "The CVSS v3.1 base score of 9.0 rates the flaw as critical, indicating a modern attacker could gain full control after successful exploitation. The EPSS score of less than 1% suggests that widespread exploitation has not yet occurred, and the vulnerability is not currently listed in the CISA Known Exploited Vulnerabilities catalog. Nonetheless, because the flaw permits arbitrary code execution and requires no special privileges beyond those with access to the plugin\u2019s settings, the likelihood of successful attacks in environments with exposed WordPress administration interfaces remains non\u2011trivial. Attackers would likely leverage authenticated access or misconfigured permissions to exploit the quantity parameter described in the plugin\u2019s source code."}}}}, "created": "2026-03-06T15:12:10.541702+00:00", "updated": "2026-04-15T23:45:05.912417+00:00", "vendors": ["boldgrid", "boldgrid$PRODUCT$w3_total_cache", "wordpress", "wordpress$PRODUCT$wordpress"]}