CVE-2025-9501

W3 Total Cache PHP injection via mfunc comment processor — weaponised by PCPJack worm

First seen

2026-05-10

Last seen

2026-05-10

Appearances

External references

NVD · cve.org · CISA KEV

All cited sources for this CVE (1)

nvd.nist.govCVE-2025-9501https://nvd.nist.gov/vuln/detail/CVE-2025-9501
cited in 2026-05-10

Items in briefs that mention CVE-2025-9501

No item in any parsed brief carries this CVE in its metadata footer yet. Once a brief surfaces this CVE in an item-level footer, the analysis will appear here in full.

Brief appearances

CTI Daily Brief — 2026-05-10
daily31 items
2026-05-10