CVE-2025-9501 | W3 Total Cache Plugin up to 2.8.12 on WordPress _parse_dynamic_mfunc os command injection (EUVD-2025-197764)

A vulnerability has been found in W3 Total Cache Plugin up to 2.8.12 on WordPress and classified as critical. This affects the function _parse_dynamic_mfunc. The manipulation leads to os command injection.

This vulnerability is referenced as CVE-2025-9501. Remote exploitation of the attack is possible. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More