WordPress plugin with over a million installs may have a worrying security flaw - here's what we know

W3 Total Cache (W3TC), a WordPress plugin with more than a million users, carries a critical-severity vulnerability that ...

W3 Total Cache WordPress plugin vulnerable to PHP command injection

WordPress plugin can be exploited to run PHP commands on the server by posting a comment that contains a malicious payload.