Title: W3 Total Cache PHP Code Injection
Last modified: June 13, 2023

---

# W3 Total Cache PHP Code Injection

 *  Resolved [melparker](https://wordpress.org/support/users/melparker/)
 * (@melparker)
 * [2 years, 11 months ago](https://wordpress.org/support/topic/w3-total-cache-php-code-injection/)
 * Hi,
 * I read at [https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-w3-total-cache-php-code-injection-0-9-2-8/](https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-w3-total-cache-php-code-injection-0-9-2-8/)
   that
 * WordPress Plugin W3 Total Cache is prone to a vulnerability that lets remote 
   attackers inject and execute arbitrary code because the application fails to 
   sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary
   PHP code within the context of the affected webserver process.
 * Remediation: Update to plugin version 0.9.2.9 or latest
 * Has this issue been fixed? I have version Version 2.3.2 now.
 * Thanks

Viewing 3 replies - 1 through 3 (of 3 total)

 *  Plugin Contributor [Marko Vasiljevic](https://wordpress.org/support/users/vmarko/)
 * (@vmarko)
 * [2 years, 11 months ago](https://wordpress.org/support/topic/w3-total-cache-php-code-injection/#post-16815943)
 * Hello [@melparker](https://wordpress.org/support/users/melparker/)
 * Thank you for your question and I am happy to help!
 * The version that is mentioned in this article **0.9.2.8** is very old. Since 
   then we have implemented a lot of fixes and updates, and also the security measures.
 * This was fixed a long time ago and you don’t have to worry about this.
 * Thanks!
 *  Thread Starter [melparker](https://wordpress.org/support/users/melparker/)
 * (@melparker)
 * [2 years, 11 months ago](https://wordpress.org/support/topic/w3-total-cache-php-code-injection/#post-16816191)
 * Great, thanks!
 *  Plugin Contributor [Marko Vasiljevic](https://wordpress.org/support/users/vmarko/)
 * (@vmarko)
 * [2 years, 11 months ago](https://wordpress.org/support/topic/w3-total-cache-php-code-injection/#post-16818462)
 * Hello [@melparker](https://wordpress.org/support/users/melparker/)
 * You are most welcome!
 * We would really appreciate it if you could take a minute and post a review [here](https://wordpress.org/support/plugin/w3-total-cache/reviews/).
   This will help us to continue offering a top-notch product to users.
   Thanks!

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘W3 Total Cache PHP Code Injection’ is closed to new replies.

 * ![](https://ps.w.org/w3-total-cache/assets/icon-256x256.png?rev=1041806)
 * [W3 Total Cache](https://wordpress.org/plugins/w3-total-cache/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/w3-total-cache/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/w3-total-cache/)
 * [Active Topics](https://wordpress.org/support/plugin/w3-total-cache/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/w3-total-cache/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/w3-total-cache/reviews/)

 * 3 replies
 * 2 participants
 * Last reply from: [Marko Vasiljevic](https://wordpress.org/support/users/vmarko/)
 * Last activity: [2 years, 11 months ago](https://wordpress.org/support/topic/w3-total-cache-php-code-injection/#post-16818462)
 * Status: resolved