Security News > 2024 > September > Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress
2024-09-06 06:35
Cybersecurity researchers have discovered yet another critical security flaw in the LiteSpeed Cache plugin for WordPress that could allow unauthenticated users to take control of arbitrary accounts. The vulnerability, tracked as CVE-2024-44000 (CVSS score: 7.5), impacts versions before and including 6.4.1. It has been addressed in version 6.5.0.1. "The plugin suffers from an
News URL
https://thehackernews.com/2024/09/critical-security-flaw-found-in.html
Related news
- W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks (source)
- Critical zero-days impact premium WordPress real estate plugins (source)
- Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution (source)
- Don't Overlook These 6 Critical Okta Security Configurations (source)
- 89% of Enterprise GenAI Usage Is Invisible to Organizations Exposing Critical Security Risks, New Report Reveals (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-20 | CVE-2024-44000 | Insufficiently Protected Credentials vulnerability in Litespeedtech Litespeed Cache Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a before 6.5.0.1. | 9.8 |