---
title: "WordPress W3 Total Cache and WP Super Cache Vulnerability"
description: "There have recently been vulnerabilities found in two very popular WordPress caching plugins, W3 Total Cache (W3TC) and WP Super Cache. These plugins should immediately be updated to their latest..."
url: https://www.inmotionhosting.com/support/website/wordpress-w3-total-cache-and-wp-super-cache-vulnerability/
date: 2013-04-25
modified: 2021-08-16
author: "InMotion Hosting Contributor"
categories: ["Website", "WordPress Hosting", "WordPress Tutorials"]
type: post
lang: en
---

# WordPress W3 Total Cache and WP Super Cache Vulnerability

There have recently been vulnerabilities found in two very popular WordPress caching plugins, W3 Total Cache (W3TC) and WP Super Cache. These plugins should immediately be updated to their latest versions which patches the current exposed exploits.

As InMotion Hosting and many other hosting providers recommend both the [W3 Total Cache](https://www.inmotionhosting.com/support/edu/wordpress/plugins/w3-total-cache/) and [WP Super Cache](https://www.inmotionhosting.com/support/edu/wordpress/plugins/wp-super-cache/) WordPress caching plugins, there is an estimated 6 Million users spread between the two plugins.

## Scope of problem

Both of these great WordPress caching plugins have unfortunately had an extreme security risk exposed in older versions, and these exploits could possibly allow for remote code execution (RCE). So this call to upgrade is not to be taken lightly.

## What versions are safe?

If you are running any version older than the below of either of these WordPress plugins, we recommend **immediately** updating to the latest version release from the plugin authors.

| W3 Total Cache | 0.9.2.9 |
| --- | --- |
| WordPress Super Cache | 1.3.2 |

## Update WP Super Cache or W3TC

If you are running a version of these plugins that is older than what’s above, you call follow my guide on [how to update a WordPress plugin](/support/edu/wordpress/plugins/update-wordpress-plugin/).

For more information you can check out either the [W3 Total Cache changelog](https://wordpress.org/extend/plugins/w3-total-cache/changelog/), or the [WP Super Cache changelog](https://wordpress.org/extend/plugins/wp-super-cache/changelog/).

If you believe your WordPress website has been affected by this recent exploit, you might be interested in following our guide on how to [reinstall WordPress after a hack](/support/edu/wordpress/reinstall-wordpress-after-a-hack/), or as always please [contact technical support](/support/amp/how-to-get-great-technical-support/) for further assistance.
