What is CVE-2019-6715?

CVE-2019-6715 is a vulnerability in N/a. Published 2019-04-01.

Is CVE-2019-6715 known to be exploited?

21 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2019-6715

pub/sns.php in the W3 Total Cache plugin before 0.9.4 for WordPress allows remote attackers to read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data.

EPSS: 0.915 (99.7th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

random-robbie/cve-2019-6715
spyata123/W3TotalChache
0xT11/CVE-POC
20142995/nuclei-templates
ARPSyndicate/cvemon
ARPSyndicate/kenzer-templates
StarCrossPortal/scalpel
WhileEndless/NucleiTemplateDocumentation
anonymous364872/Rapier_
apif-review/APIF_

References

vinhjaxt.github.io/2019/03/cve-2019-6715 (x_refsource_MISC)
packetstormsecurity.com/files/160674/WordPress-W3-Total-Cache-0.9.3-File-Read-D… (x_refsource_MISC)

Frequently asked questions

What is CVE-2019-6715?: CVE-2019-6715 is a vulnerability in N/a. Published 2019-04-01.
Is CVE-2019-6715 known to be exploited?: 21 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.