LiteSpeed Cache plugin for WordPress has a critical security vulnerability
A new flaw was found, granting threat actors full access to vulnerable websites.
Security researchers have found yet another critical vulnerability in the LiteSpeed Cache plugin for WordPress that allows threat actors to take over websites.
Four months after patching an unauthenticated cross-site scripting flaw, the popular optimization plugin was found vulnerable to a bug described as an “unauthenticated account takeover vulnerability”. In other words, an unauthenticated malicious visitor could abuse the hole to gain access to any logged-in user, including admin accounts. That, as you may presume, grants the attacker full access to the website to do with it as they please.
The bug is tracked as CVE-2024-44000, and carries a severity score of 7.5. Version 6.4.1, and all versions before, were said to be vulnerable. A patch has been deployed which brings LiteSpeed Cache to version 6.5.0.1, and users are advised to install it as soon as possible.
Low severity score
Describing how the flaw works, researchers from Patchstack said that LiteSpeed Cache has kept the debug.log file publicly exposed, allowing unauthenticated individuals to view sensitive information found inside. Besides login credentials, the file includes cookie information from HTTP response headers, and more.
The flaw was given a relatively low severity score since the debug feature must be enabled on WordPress, for the flaw to be abusable. It is disabled by default.
"This vulnerability highlights the critical importance of ensuring the security of performing a debug log process, what data should not be logged, and how the debug log file is managed," Patchstack explained.
LiteSpeed Cache is a plugin for the website builder WordPress promising faster page load times, better user experience, and improved Google Search Results Page positions. It is designed to improve website performance by reducing page load times, which it achieves by storing static versions of dynamic content. When a user requests a page, LSCache serves the cached version, minimizing the need for the server to regenerate the page repeatedly. This results in faster response times and reduced server load.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Via The Hacker News
More from TechRadar Pro
- Watch out — hackers can exploit this plugin to gain full control of your WordPress site
- Here's a list of the best firewalls around today
- These are the best endpoint security tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.