A WordPress plugin can be exploited to run PHP commands on the server by posting a comment that contains a malicious payload.
Sometimes, after a project has been modified from the dedicated screen and saved, a small dialog appears with the words "Saving project data ..."; the dialog cannot be closed and the operation never ends.