{"id":5565,"date":"2013-05-05T13:48:12","date_gmt":"2013-05-05T17:48:12","guid":{"rendered":"http:\/\/g33kinfo.com\/info\/?p=5565"},"modified":"2013-05-05T13:48:12","modified_gmt":"2013-05-05T17:48:12","slug":"new-w3-total-cache-and-wp-super-cache-vulnerability","status":"publish","type":"post","link":"https:\/\/g33kinfo.com\/info\/new-w3-total-cache-and-wp-super-cache-vulnerability\/","title":{"rendered":"New W3 Total Cache and WP Super Cache Vulnerability"},"content":{"rendered":"<p>From <a href=\"http:\/\/blog.sucuri.net\/2013\/05\/w3-total-cache-and-wp-super-cache-vulnerability-being-targeted-in-the-wild.html\" target=\"_blank\" rel=\"noopener noreferrer\">blog.sucuri.net<\/a><\/p>\n<p>As if on queue, almost 7 days since we released the post about the latest W3TC and WP Super Cache remote command execution vulnerability, we have started to see attacks spring up across our network.<\/p>\n<p>In our post you might remember this:<\/p>\n<p><code>< !\u2013mfunc echo PHP_VERSION; \u2013>< !\u2013\/mfunc\u2013><\/code><\/p>\n<p>In this example we explained how it was a very simple approach to displaying the version of PHP on your server. There were a lot of questions following that saying, well what\u2019s so harmful in that. Etc\u2026 With little help from us the attackers go on to show us what they can do.<\/p>\n<p><!--more--><\/p>\n<p><strong>Taking a Look at the Attacks<\/strong><br \/>\nIn this section I\u2019ll show you three of the various attacks we\u2019re seeing. In each you can see how they abuse the mfunc vulnerability, one in a more traditional approach of injecting a backdoor and other in a more creative way that allows them to abuse HTTP headers. In either case they all seem to be getting passed via comments, and we give an example of that below. This is obviously for educational purposes only.<\/p>\n<p><strong>Example One \u2013 Targeting HTTP Headers<\/strong><\/p>\n<p>So in this example we see them abusing the mfunc vulnerability to pass shell commands via the HTTP headers in the place of the URL itself.<\/p>\n<p><a href=\"http:\/\/g33kinfo.com\/info\/wp-content\/uploads\/Screen-Shot-2013-05-03-at-8.56.49-PM.png\"><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/g33kinfo.com\/info\/wp-content\/uploads\/Screen-Shot-2013-05-03-at-8.56.49-PM-300x14.png\" alt=\"Screen-Shot-2013-05-03-at-8.56.49-PM\" width=\"600\" height=\"28\" class=\"aligncenter size-medium wp-image-5577\" \/><\/a><\/p>\n<p>In this instance they are attacking your site while leaving very little trace, for instance they can do things like:<br \/>\n<code><br \/>\nHTTP_CMD: Base64 encode of the backdoor\/code they want to run<br \/>\nAnd it works with GET. Here is a better explanation if you\u2019re not following:<br \/>\n<\/code><\/p>\n<p>A normal header would look something like this:<br \/>\n<code><br \/>\nConnected to site.com (IP) port 80 (#0)<br \/>\nGET \/ HTTP\/1.1<br \/>\nUser-Agent: curl\/7.24.0 (x86_64-apple-darwin12.0) libcurl\/7.24.0 OpenSSL\/0.9.8r zlib\/1.2.5<br \/>\nHost: blog.sucuri.net<br \/>\nAccept: *\/*<\/code><\/p>\n<p>With this attack it\u2019d look something like this:<br \/>\n<code><br \/>\nConnected to site.com (IP) port 80 (#0)<br \/>\nGET \/ HTTP\/1.1<br \/>\nUser-Agent: curl\/7.24.0 (x86_64-apple-darwin12.0) libcurl\/7.24.0 OpenSSL\/0.9.8r zlib\/1.2.5<br \/>\nHost: blog.sucuri.net<br \/>\nHTTP_CMD: Base64 encode of the backdoor\/code they want to run<br \/>\nAccept: *\/*<br \/>\n<\/code><\/p>\n<p>Most folks would never even log that, so forensically speaking it\u2019d be hard to know they were attacking this way.<\/p>\n<p><strong>Example Two \u2013 Passing a Backdoor<\/strong><\/p>\n<p>So in this example they misuse the mfunc and use it to pass a backdoor into your server. Not nice at all.<\/p>\n<p><a href=\"http:\/\/g33kinfo.com\/info\/wp-content\/uploads\/Screen-Shot-2013-05-03-at-7.54.05-PM.png\"><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/g33kinfo.com\/info\/wp-content\/uploads\/Screen-Shot-2013-05-03-at-7.54.05-PM-300x72.png\" alt=\"Screen-Shot-2013-05-03-at-7.54.05-PM\" width=\"600\" height=\"144\" class=\"aligncenter size-medium wp-image-5571\" \/><\/a><\/p>\n<p>In this case it looks a bit worse, but when you decode it, it\u2019s a lot easier to understand, her it is decoded:<\/p>\n<p><a href=\"http:\/\/g33kinfo.com\/info\/wp-content\/uploads\/Screen-Shot-2013-05-03-at-7.56.09-PM.png\"><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/g33kinfo.com\/info\/wp-content\/uploads\/Screen-Shot-2013-05-03-at-7.56.09-PM-300x47.png\" alt=\"Screen-Shot-2013-05-03-at-7.56.09-PM\" width=\"600\" height=\"94\" class=\"aligncenter size-medium wp-image-5572\" \/><\/a><\/p>\n<p>Do you see what they\u2019re doing? How they\u2019re passing basic PHP commands to your server? Look here:<br \/>\n<code><br \/>\nfopen<br \/>\nfputs<br \/>\neval<br \/>\nbase64_decode<br \/>\nfclose<\/code><\/p>\n<p>They\u2019re using basic PHP functions against you. They use the fopen to open a new file called maeksv.php. They then inject the payload into that file using puts, they encode it, and proceed to close the file. If you look at the payload that was dropped into that file you find something like this:<\/p>\n<p><a href=\"http:\/\/g33kinfo.com\/info\/wp-content\/uploads\/Screen-Shot-2013-05-03-at-7.58.36-PM.png\"><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/g33kinfo.com\/info\/wp-content\/uploads\/Screen-Shot-2013-05-03-at-7.58.36-PM-300x22.png\" alt=\"Screen-Shot-2013-05-03-at-7.58.36-PM\" width=\"600\" height=\"44\" class=\"aligncenter size-medium wp-image-5573\" \/><\/a><\/p>\n<p>Don\u2019t worry, a little fine tuning and you see it\u2019s real intention here:<\/p>\n<p><a href=\"http:\/\/g33kinfo.com\/info\/wp-content\/uploads\/Screen-Shot-2013-05-03-at-8.03.32-PM.png\"><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/g33kinfo.com\/info\/wp-content\/uploads\/Screen-Shot-2013-05-03-at-8.03.32-PM-300x19.png\" alt=\"Screen-Shot-2013-05-03-at-8.03.32-PM\" width=\"600\" height=\"38\" class=\"aligncenter size-medium wp-image-5574\" \/><\/a><\/p>\n<p>Using this the attacker can now do something like this:<br \/>\n<code><br \/>\nhttp:\/\/goodsitebeingexploited\/wp-content\/cache\/dcfay.php?jebfvlg=<\/code><\/p>\n<p><strong>Example Three \u2013 Embedded with Comments<\/strong><\/p>\n<p>We know that these are occurring via comments but it\u2019s always fun to see the things they say, like this for instance:<\/p>\n<p><a href=\"http:\/\/g33kinfo.com\/info\/wp-content\/uploads\/Screen-Shot-2013-05-03-at-8.31.42-PM.png\"><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/g33kinfo.com\/info\/wp-content\/uploads\/Screen-Shot-2013-05-03-at-8.31.42-PM-300x121.png\" alt=\"Screen-Shot-2013-05-03-at-8.31.42-PM\" width=\"600\" height=\"242\" class=\"aligncenter size-medium wp-image-5575\" \/><\/a><\/p>\n<p>Or even this:<\/p>\n<p><a href=\"http:\/\/g33kinfo.com\/info\/wp-content\/uploads\/Screen-Shot-2013-05-03-at-8.33.57-PM.png\"><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/g33kinfo.com\/info\/wp-content\/uploads\/Screen-Shot-2013-05-03-at-8.33.57-PM-300x106.png\" alt=\"Screen-Shot-2013-05-03-at-8.33.57-PM\" width=\"600\" height=\"212\" class=\"aligncenter size-medium wp-image-5576\" \/><\/a><\/p>\n<p>So in these scenarios they are leaving you what appear to be legitimate, yet silly, comments. If you&#8217;re none the wiser that\u2019s all you\u2019d see, approve and be on your way.<\/p>\n<p>Where are they Coming From<br \/>\nWell, here are some of the IPs we\u2019re picking up via our network:<br \/>\n<code><br \/>\n188.142.107.174<br \/>\n122.72.12.90<br \/>\n91.224.160.104<br \/>\n91.224.160.104<br \/>\n119.36.87.32<br \/>\n92.126.217.47<br \/>\n74.91.17.35<br \/>\n58.23.3.190<br \/>\n220.255.1.77<br \/>\n220.255.1.44<br \/>\n220.255.1.31<br \/>\n95.154.243.11<br \/>\n91.224.160.104<br \/>\n201.59.55.142<br \/>\n201.249.21.35<br \/>\n119.36.87.32<br \/>\n125.67.234.251<br \/>\n177.12.227.13<br \/>\n77.175.95.163<br \/>\n190.205.16.152<br \/>\n109.123.111.99<br \/>\n211.138.151.117<br \/>\n183.63.27.145<br \/>\n84.39.28.158<br \/>\n91.224.160.104<br \/>\n94.199.60.19<br \/>\n54.248.89.183<br \/>\n185.12.46.81<br \/>\n87.236.208.232<br \/>\n36.48.69.182<br \/>\n83.236.193.82<br \/>\n177.10.24.34<br \/>\n118.186.86.38<br \/>\n114.80.136.171<br \/>\n77.235.192.178<br \/>\n58.240.98.179<br \/>\n85.15.227.78<br \/>\n78.46.64.21<br \/>\n119.254.84.87<br \/>\n78.46.64.21<br \/>\n91.224.160.104<br \/>\n78.46.64.21<br \/>\n78.46.64.21<br \/>\n91.224.160.104<br \/>\n124.227.191.75<br \/>\n54.234.65.111<br \/>\n54.246.89.20<\/code><\/p>\n<p>Some quick look ups show us IPs coming from all over \u2013 Netherlands, Brazil, China, Russia, Singapore..<\/p>\n<p><strong>What To Do?<\/strong><br \/>\nThe most obvious thing is to update immediately, both authors have made changes to their core to address these issues. That in it of itself will help you. Other options include the following:<\/p>\n<ol>\n<li>Leveraging a Web Application Firewall (WAF)<\/li>\n<li>Adding Captcha\u2019s to comments to deter spam bots<\/li>\n<li>Ensure all comments are going through some kind of moderation<\/li>\n<li>Don\u2019t land the comments on your server, leverage 3rd party plugins \u2013 e.g., Disqus<\/li>\n<li>In the guidane above do realize that the captcha won\u2019t necessarily protect you if you accept it, but it should slow bot attacks.<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>From blog.sucuri.net As if on queue, almost 7 days since we released the post about the latest W3TC and WP Super Cache remote command execution vulnerability, we have started to see attacks spring up across our network. In our post you might remember this: < !\u2013mfunc echo PHP_VERSION; \u2013>< !\u2013\/mfunc\u2013> In this example we explained&#8230; <\/p>\n<div class=\"read-more navbutton\"><a href=\"https:\/\/g33kinfo.com\/info\/new-w3-total-cache-and-wp-super-cache-vulnerability\/\">Read More<i class=\"fa fa-angle-double-right\"><\/i><\/a><\/div>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[],"class_list":["post-5565","post","type-post","status-publish","format-standard","hentry","category-info"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>New W3 Total Cache and WP Super Cache Vulnerability - Linux Shtuff<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/g33kinfo.com\/info\/new-w3-total-cache-and-wp-super-cache-vulnerability\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"New W3 Total Cache and WP Super Cache Vulnerability - Linux Shtuff\" \/>\n<meta property=\"og:description\" content=\"From blog.sucuri.net As if on queue, almost 7 days since we released the post about the latest W3TC and WP Super Cache remote command execution vulnerability, we have started to see attacks spring up across our network. In our post you might remember this: &lt; !\u2013mfunc echo PHP_VERSION; \u2013&gt;&lt; !\u2013\/mfunc\u2013&gt; In this example we explained... Read More\" \/>\n<meta property=\"og:url\" content=\"https:\/\/g33kinfo.com\/info\/new-w3-total-cache-and-wp-super-cache-vulnerability\/\" \/>\n<meta property=\"og:site_name\" content=\"Linux Shtuff\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/fb.me\/g33kinf0\" \/>\n<meta property=\"article:author\" content=\"https:\/\/fb.me\/g33kinf0\" \/>\n<meta property=\"article:published_time\" content=\"2013-05-05T17:48:12+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/g33kinfo.com\/info\/wp-content\/uploads\/Screen-Shot-2013-05-03-at-8.56.49-PM-300x14.png\" \/>\n<meta name=\"author\" content=\"g33kadmin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/drsinger1111\" \/>\n<meta name=\"twitter:site\" content=\"@drsinger1111\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/new-w3-total-cache-and-wp-super-cache-vulnerability\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/new-w3-total-cache-and-wp-super-cache-vulnerability\\\/\"},\"author\":{\"name\":\"g33kadmin\",\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/#\\\/schema\\\/person\\\/c022e4c40b13ea1b678e6f020756f547\"},\"headline\":\"New W3 Total Cache and WP Super Cache Vulnerability\",\"datePublished\":\"2013-05-05T17:48:12+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/new-w3-total-cache-and-wp-super-cache-vulnerability\\\/\"},\"wordCount\":632,\"publisher\":{\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/#\\\/schema\\\/person\\\/c022e4c40b13ea1b678e6f020756f547\"},\"image\":{\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/new-w3-total-cache-and-wp-super-cache-vulnerability\\\/#primaryimage\"},\"thumbnailUrl\":\"http:\\\/\\\/g33kinfo.com\\\/info\\\/wp-content\\\/uploads\\\/Screen-Shot-2013-05-03-at-8.56.49-PM-300x14.png\",\"articleSection\":[\"General Info\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/new-w3-total-cache-and-wp-super-cache-vulnerability\\\/\",\"url\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/new-w3-total-cache-and-wp-super-cache-vulnerability\\\/\",\"name\":\"New W3 Total Cache and WP Super Cache Vulnerability - Linux Shtuff\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/new-w3-total-cache-and-wp-super-cache-vulnerability\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/new-w3-total-cache-and-wp-super-cache-vulnerability\\\/#primaryimage\"},\"thumbnailUrl\":\"http:\\\/\\\/g33kinfo.com\\\/info\\\/wp-content\\\/uploads\\\/Screen-Shot-2013-05-03-at-8.56.49-PM-300x14.png\",\"datePublished\":\"2013-05-05T17:48:12+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/new-w3-total-cache-and-wp-super-cache-vulnerability\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/g33kinfo.com\\\/info\\\/new-w3-total-cache-and-wp-super-cache-vulnerability\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/new-w3-total-cache-and-wp-super-cache-vulnerability\\\/#primaryimage\",\"url\":\"http:\\\/\\\/g33kinfo.com\\\/info\\\/wp-content\\\/uploads\\\/Screen-Shot-2013-05-03-at-8.56.49-PM-300x14.png\",\"contentUrl\":\"http:\\\/\\\/g33kinfo.com\\\/info\\\/wp-content\\\/uploads\\\/Screen-Shot-2013-05-03-at-8.56.49-PM-300x14.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/new-w3-total-cache-and-wp-super-cache-vulnerability\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"New W3 Total Cache and WP Super Cache Vulnerability\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/#website\",\"url\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/\",\"name\":\"Linux Shtuff\",\"description\":\"Because I have CRS Syndrome...\",\"publisher\":{\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/#\\\/schema\\\/person\\\/c022e4c40b13ea1b678e6f020756f547\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/#\\\/schema\\\/person\\\/c022e4c40b13ea1b678e6f020756f547\",\"name\":\"g33kadmin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/wp-content\\\/uploads\\\/2022\\\/07\\\/minion-researchA.gif\",\"url\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/wp-content\\\/uploads\\\/2022\\\/07\\\/minion-researchA.gif\",\"contentUrl\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/wp-content\\\/uploads\\\/2022\\\/07\\\/minion-researchA.gif\",\"width\":512,\"height\":512,\"caption\":\"g33kadmin\"},\"logo\":{\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/wp-content\\\/uploads\\\/2022\\\/07\\\/minion-researchA.gif\"},\"description\":\"I am a g33k, Linux blogger, developer, student and Tech Writer for Liquidweb.com\\\/kb. My passion for all things tech drives my hunt for all the coolz. I often need a vacation after I get back from vacation....\",\"sameAs\":[\"https:\\\/\\\/thelinuxreport.com\",\"https:\\\/\\\/fb.me\\\/g33kinf0\",\"https:\\\/\\\/x.com\\\/https:\\\/\\\/twitter.com\\\/drsinger1111\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"New W3 Total Cache and WP Super Cache Vulnerability - Linux Shtuff","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/g33kinfo.com\/info\/new-w3-total-cache-and-wp-super-cache-vulnerability\/","og_locale":"en_US","og_type":"article","og_title":"New W3 Total Cache and WP Super Cache Vulnerability - Linux Shtuff","og_description":"From blog.sucuri.net As if on queue, almost 7 days since we released the post about the latest W3TC and WP Super Cache remote command execution vulnerability, we have started to see attacks spring up across our network. In our post you might remember this: < !\u2013mfunc echo PHP_VERSION; \u2013>< !\u2013\/mfunc\u2013> In this example we explained... Read More","og_url":"https:\/\/g33kinfo.com\/info\/new-w3-total-cache-and-wp-super-cache-vulnerability\/","og_site_name":"Linux Shtuff","article_publisher":"https:\/\/fb.me\/g33kinf0","article_author":"https:\/\/fb.me\/g33kinf0","article_published_time":"2013-05-05T17:48:12+00:00","og_image":[{"url":"http:\/\/g33kinfo.com\/info\/wp-content\/uploads\/Screen-Shot-2013-05-03-at-8.56.49-PM-300x14.png","type":"","width":"","height":""}],"author":"g33kadmin","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/drsinger1111","twitter_site":"@drsinger1111","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/g33kinfo.com\/info\/new-w3-total-cache-and-wp-super-cache-vulnerability\/#article","isPartOf":{"@id":"https:\/\/g33kinfo.com\/info\/new-w3-total-cache-and-wp-super-cache-vulnerability\/"},"author":{"name":"g33kadmin","@id":"https:\/\/g33kinfo.com\/info\/#\/schema\/person\/c022e4c40b13ea1b678e6f020756f547"},"headline":"New W3 Total Cache and WP Super Cache Vulnerability","datePublished":"2013-05-05T17:48:12+00:00","mainEntityOfPage":{"@id":"https:\/\/g33kinfo.com\/info\/new-w3-total-cache-and-wp-super-cache-vulnerability\/"},"wordCount":632,"publisher":{"@id":"https:\/\/g33kinfo.com\/info\/#\/schema\/person\/c022e4c40b13ea1b678e6f020756f547"},"image":{"@id":"https:\/\/g33kinfo.com\/info\/new-w3-total-cache-and-wp-super-cache-vulnerability\/#primaryimage"},"thumbnailUrl":"http:\/\/g33kinfo.com\/info\/wp-content\/uploads\/Screen-Shot-2013-05-03-at-8.56.49-PM-300x14.png","articleSection":["General Info"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/g33kinfo.com\/info\/new-w3-total-cache-and-wp-super-cache-vulnerability\/","url":"https:\/\/g33kinfo.com\/info\/new-w3-total-cache-and-wp-super-cache-vulnerability\/","name":"New W3 Total Cache and WP Super Cache Vulnerability - Linux Shtuff","isPartOf":{"@id":"https:\/\/g33kinfo.com\/info\/#website"},"primaryImageOfPage":{"@id":"https:\/\/g33kinfo.com\/info\/new-w3-total-cache-and-wp-super-cache-vulnerability\/#primaryimage"},"image":{"@id":"https:\/\/g33kinfo.com\/info\/new-w3-total-cache-and-wp-super-cache-vulnerability\/#primaryimage"},"thumbnailUrl":"http:\/\/g33kinfo.com\/info\/wp-content\/uploads\/Screen-Shot-2013-05-03-at-8.56.49-PM-300x14.png","datePublished":"2013-05-05T17:48:12+00:00","breadcrumb":{"@id":"https:\/\/g33kinfo.com\/info\/new-w3-total-cache-and-wp-super-cache-vulnerability\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/g33kinfo.com\/info\/new-w3-total-cache-and-wp-super-cache-vulnerability\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/g33kinfo.com\/info\/new-w3-total-cache-and-wp-super-cache-vulnerability\/#primaryimage","url":"http:\/\/g33kinfo.com\/info\/wp-content\/uploads\/Screen-Shot-2013-05-03-at-8.56.49-PM-300x14.png","contentUrl":"http:\/\/g33kinfo.com\/info\/wp-content\/uploads\/Screen-Shot-2013-05-03-at-8.56.49-PM-300x14.png"},{"@type":"BreadcrumbList","@id":"https:\/\/g33kinfo.com\/info\/new-w3-total-cache-and-wp-super-cache-vulnerability\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/g33kinfo.com\/info\/"},{"@type":"ListItem","position":2,"name":"New W3 Total Cache and WP Super Cache Vulnerability"}]},{"@type":"WebSite","@id":"https:\/\/g33kinfo.com\/info\/#website","url":"https:\/\/g33kinfo.com\/info\/","name":"Linux Shtuff","description":"Because I have CRS Syndrome...","publisher":{"@id":"https:\/\/g33kinfo.com\/info\/#\/schema\/person\/c022e4c40b13ea1b678e6f020756f547"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/g33kinfo.com\/info\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/g33kinfo.com\/info\/#\/schema\/person\/c022e4c40b13ea1b678e6f020756f547","name":"g33kadmin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/g33kinfo.com\/info\/wp-content\/uploads\/2022\/07\/minion-researchA.gif","url":"https:\/\/g33kinfo.com\/info\/wp-content\/uploads\/2022\/07\/minion-researchA.gif","contentUrl":"https:\/\/g33kinfo.com\/info\/wp-content\/uploads\/2022\/07\/minion-researchA.gif","width":512,"height":512,"caption":"g33kadmin"},"logo":{"@id":"https:\/\/g33kinfo.com\/info\/wp-content\/uploads\/2022\/07\/minion-researchA.gif"},"description":"I am a g33k, Linux blogger, developer, student and Tech Writer for Liquidweb.com\/kb. My passion for all things tech drives my hunt for all the coolz. I often need a vacation after I get back from vacation....","sameAs":["https:\/\/thelinuxreport.com","https:\/\/fb.me\/g33kinf0","https:\/\/x.com\/https:\/\/twitter.com\/drsinger1111"]}]}},"_links":{"self":[{"href":"https:\/\/g33kinfo.com\/info\/wp-json\/wp\/v2\/posts\/5565","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/g33kinfo.com\/info\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/g33kinfo.com\/info\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/g33kinfo.com\/info\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/g33kinfo.com\/info\/wp-json\/wp\/v2\/comments?post=5565"}],"version-history":[{"count":0,"href":"https:\/\/g33kinfo.com\/info\/wp-json\/wp\/v2\/posts\/5565\/revisions"}],"wp:attachment":[{"href":"https:\/\/g33kinfo.com\/info\/wp-json\/wp\/v2\/media?parent=5565"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/g33kinfo.com\/info\/wp-json\/wp\/v2\/categories?post=5565"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/g33kinfo.com\/info\/wp-json\/wp\/v2\/tags?post=5565"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}