#CVE202444000

LiteSpeed Cache Plugin Vulnerability Exposes Millions of WordPress Sites to Attacks

by

September 6, 2024 at 06:30AM A critical vulnerability, CVE-2024-44000, was discovered in the LiteSpeed Cache plugin for WordPress, allowing attackers to potentially take over websites by retrieving and using stored user cookies. The flaw was identified and reported by Patchstack, who emphasized the importance of securing the debug log process. The issue was resolved with … Read more

Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress

by

September 6, 2024 at 03:27AM A critical security flaw (CVE-2024-44000) has been found in LiteSpeed Cache plugin for WordPress, affecting versions up to 6.4.1. Unauthenticated users could take control of arbitrary accounts. The vulnerability, resolved in version 6.5.0.1, stems from a publicly exposed debug log file. Users are urged to check for the file and … Read more