WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk

It has been discovered that the WordPress plugin LiteSpeed Cache contains a security flaw that could allow unauthorized users to elevate their privileges.

The issue, which was tracked as CVE-2023-40000, was fixed in version 5.7.0.1 released in October 2023.

According to Patchstack researcher Rafie Muhammad, this plugin has an unauthenticated site-wide stored [cross-site scripting] vulnerability that could enable any unauthenticated user to steal sensitive data and use it to escalate privileges on the WordPress website with just one HTTP request.

More than five million people have installed LiteSpeed Cache, a tool for enhancing website performance read more WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk.

Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough coverage of the dangers, breaches, and solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *