What is CVE-2024-12008?

CVE-2024-12008 is a medium-severity vulnerability in Boldgrid W3 Total Cache, classified under Information Disclosure. CVSS score: 5.3/10. Published 2025-01-14.

How severe is CVE-2024-12008?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Is CVE-2024-12008 known to be exploited?

7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Information disclosure in Boldgrid W3 Total Cache

CVE-2024-12008

The W3 Total Cache plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.8.1 through the publicly exposed debug log file. This makes it possible for unauthenticated attackers to view potentially…

Vulnerability class: Information Disclosure

EPSS: 0.335 (97.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

Boldgrid W3 Total Cache — versions 0

Weakness classification (CWE)

CWE-200 — Information Disclosure

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2024-12008?: CVE-2024-12008 is a medium-severity vulnerability in Boldgrid W3 Total Cache, classified under Information Disclosure. CVSS score: 5.3/10. Published 2025-01-14.
How severe is CVE-2024-12008?: Medium severity. CVSS v3 base score is 5.3 out of 10.
Is CVE-2024-12008 known to be exploited?: 7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.