There is a new serious WordPress vulnerability in certain versions of two popular WordPress caching plugins, W3TC and WP Super Cache. The vulnerability allows remote PHP code to be executed locally on a server for anyone running either of the plugins. An attacker could then execute code on the infected server.
CloudFlare has applied a rule to our network which automatically rotects all CloudFlare customers, including those on free plans. Details about the vulnerability are available at:
