LiteSpeed Cache bug exposes 6 million WordPress sites to takeover attacks

September 5, 2024 at 02:03PM A critical vulnerability was found in LiteSpeed Cache, a popular caching plugin used on over 6 million WordPress sites. This flaw could impact user browsing speed. A critical severity vulnerability has been found in LiteSpeed Cache, a caching plugin used in over 6 …

Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution

August 28, 2024 at 12:33AM A critical security flaw in the WPML plugin (CVE-2024-6386, CVSS score: 9.9) allows authenticated users to remotely execute arbitrary code in versions before 4.6.13. With Contributor-level access, attackers can exploit missing input validation and sanitization. This popular multilingual WordPress plugin has over one million installations and users are advised to apply the …

WordPress Releases Update 6.4.2 to Address Critical Remote Attack Vulnerability

December 8, 2023 at 04:48AM WordPress version 6.4.2 patches a critical security flaw potentially exploitable with plugins, particularly in multisite setups. The vulnerability stems from the WP_HTML_Token class and can lead to arbitrary PHP code execution when chained with other bugs. Patchstack advises developers to replace ‘unserialize’ function calls to prevent attacks. Takeaways from the …