#SiteTakeover

LiteSpeed Cache Plugin Vulnerability Exposes Millions of WordPress Sites to Attacks

by

September 6, 2024 at 06:30AM A critical vulnerability, CVE-2024-44000, was discovered in the LiteSpeed Cache plugin for WordPress, allowing attackers to potentially take over websites by retrieving and using stored user cookies. The flaw was identified and reported by Patchstack, who emphasized the importance of securing the debug log process. The issue was resolved with … Read more

Critical Flaw in Donation Plugin Exposed 100,000 WordPress Sites to Takeover

by

August 20, 2024 at 11:06AM A critical vulnerability in the GiveWP WordPress plugin (CVE-2024-5932, CVSS score 10/10) exposed over 100,000 websites, allowing unauthenticated attackers to execute arbitrary remote code or delete files. Exploiting a bug in serialization, attackers could potentially take over affected sites, which has been addressed in version 3.14.2 and users are urged … Read more