Security News > 2024 > October > WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks
2024-10-04 09:11
A new high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable malicious actors to execute arbitrary JavaScript code under certain conditions. The flaw, tracked as CVE-2024-47374 (CVSS score: 7.2), has been described as a stored cross-site scripting (XSS) vulnerability impacting all versions of the plugin up to and including 6.5.0.2. It was
News URL
https://thehackernews.com/2024/10/wordpress-litespeed-cache-plugin.html
Related news
- LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites (source)
- LiteSpeed Cache WordPress plugin bug lets hackers get admin access (source)
- Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar (source)
- Security plugin flaw in millions of WordPress sites gives admin access (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Update your OpenWrt router! Security issue made supply chain attack possible (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- 390,000 WordPress accounts stolen from hackers in supply chain attack (source)