Security News > 2024 > February > WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk

WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk
2024-02-27 14:43

A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges. Tracked as CVE-2023-40000, the vulnerability was addressed in October 2023 in version 5.7.0.1. "This plugin suffers from unauthenticated site-wide stored [cross-site scripting] vulnerability and could allow any unauthenticated user


News URL

https://thehackernews.com/2024/02/wordpress-litespeed-plugin.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Wordpress 49 36 408 104 29 577
Plugin 2 0 13 0 0 13