With a combined total of well over 6 million downloads, WP Super Cache and W3 Total Cache are two of the most popular WordPress caching plugins. However, it’s recently been discovered that both of these plugins have a vulnerability that allows remote execution of arbitrary PHP code.
The affected versions are as follows:
The vulnerabilities were announced in the WordPress.org forums about a month ago and both plugin developers have since released updates to rectify the situation.
Both of these plugins support on-page dynamic content. You can stop caching on specific parts of the page. There are currently 3 tags that you can use to create dynamic snippets. A more detailed explanation can be found on the WP Super Cache FAQ page at http://wordpress.org/extend/plugins/wp-super-cache/faq/.
Millions of people are using these WordPress caching plugins
This vulnerability potentially affects more than 6 million WordPress installations. If you are running either of these WordPress caching plugins on your website, it is imperative that you update them immediately.
For full details about the vulnerabilities, please refer to the article at: http://www.acunetix.com/blog/web-security-zone/wp-plugins-remote-code-execution/
If you are a current client of WPMule and you are using one of these plugins, your site has already been updated. This is one of the many benefits of automated site maintenance services such as WPMule.