Security News > 2024 > September > Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress
2024-09-06 06:35
Cybersecurity researchers have discovered yet another critical security flaw in the LiteSpeed Cache plugin for WordPress that could allow unauthenticated users to take control of arbitrary accounts. The vulnerability, tracked as CVE-2024-44000 (CVSS score: 7.5), impacts versions before and including 6.4.1. It has been addressed in version 6.5.0.1. "The plugin suffers from an
News URL
https://thehackernews.com/2024/09/critical-security-flaw-found-in.html
Related news
- WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks (source)
- Two simple give-me-control security bugs found in Optigo network switches used in critical manufacturing (source)
- WordPress Security Checklist (source)
- CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches (source)
- LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites (source)
- LiteSpeed Cache WordPress plugin bug lets hackers get admin access (source)
- HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities (source)
- Security plugin flaw in millions of WordPress sites gives admin access (source)
- Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites (source)
- Major security audit of critical FreeBSD components now available (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-20 | CVE-2024-44000 | Insufficiently Protected Credentials vulnerability in Litespeedtech Litespeed Cache Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a before 6.5.0.1. | 9.8 |