Security News > 2024 > October > LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites
2024-10-31 10:24
A high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could allow an unauthenticated threat actor to elevate their privileges and perform malicious actions. The vulnerability, tracked as CVE-2024-50550 (CVSS score: 8.1), has been addressed in version 6.5.2 of the plugin. "The plugin suffers from an unauthenticated privilege escalation vulnerability
News URL
https://thehackernews.com/2024/10/litespeed-cache-plugin-vulnerability.html
Related news
- WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks (source)
- WordPress Plugin Jetpack Patches Major Vulnerability Affecting 27 Million Sites (source)
- LiteSpeed Cache WordPress plugin bug lets hackers get admin access (source)
- Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-29 | CVE-2024-50550 | Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from n/a through 6.5.1. | 0.0 |