Security News W3 Total Cache WordPress plugin vulnerable to PHP command injection BleepingComputer Daniel Bender 19 Nov 2025 A critical flaw in the W3 Total Cache (W3TC) WordPress plugin can be exploited to run PHP commands on the server by posting a comment that contains a malicious payload.
