Security News > 2024 > September > Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress
2024-09-06 06:35
Cybersecurity researchers have discovered yet another critical security flaw in the LiteSpeed Cache plugin for WordPress that could allow unauthenticated users to take control of arbitrary accounts. The vulnerability, tracked as CVE-2024-44000 (CVSS score: 7.5), impacts versions before and including 6.4.1. It has been addressed in version 6.5.0.1. "The plugin suffers from an
News URL
https://thehackernews.com/2024/09/critical-security-flaw-found-in.html
Related news
- Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities (source)
- Critical security hole in Apache Struts under exploit (source)
- Premium WPLMS WordPress plugins address seven critical flaws (source)
- Unpatched critical flaws impact Fancy Product Designer WordPress plugin (source)
- The ongoing evolution of the CIS Critical Security Controls (source)
- W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks (source)
- Critical zero-days impact premium WordPress real estate plugins (source)
- Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-20 | CVE-2024-44000 | Insufficiently Protected Credentials vulnerability in Litespeedtech Litespeed Cache Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a before 6.5.0.1. | 9.8 |