近日，有研究人员在插件的用户模拟功能中发现了未经身份验证的权限升级漏洞 (CVE-2024-28000)，该漏洞是由 LiteSpeed Cache 6.3.0.1 及以下版本中的弱散列检查引起的。这个漏洞可能会让攻击者在创建恶意管理员账户后接管数百万个网站。 LiteSpeed Cache 是开源的，也是 ...

感谢IT之家网友 咩咩洋 的线索投递！ IT之家 8 月 23 日消息，科技媒体 bleepingcomputer 昨日（8 月 22 日）发布博文，报道称 LiteSpeed Cache WordPress 插件存在“关键”漏洞，攻击者利用该漏洞可以创建恶意管理员账号，接管数百万 WordPress 网站。 LiteSpeed Cache 简介 IT之家 ...

Hackers have already started to exploit the critical severity vulnerability that affects LiteSpeed Cache, a WordPress plugin used for accelerating response times, a day after technical details become ...

Another vulnerability was discovered in the LiteSpeed Cache WordPress plugin—an Unauthenticated Privilege Escalation that could lead to a total site takeover. Unfortunately, updating to the latest ...

A WordPress plug-in installed more than 6 million times is vulnerable to a cross-site scripting flaw (XSS) that allows attackers to escalate privileges and potentially install malicious code to enable ...

WordPress, an open source blog software and content management system, is used by 43.4% of all websites as of April 2024. It has been reported that a popular WordPress plugin , LiteSpeed Cache, is ...

The free version of the popular WordPress plugin LiteSpeed Cache has fixed a dangerous privilege elevation flaw on its latest release that could allow unauthenticated site visitors to gain admin ...

The Wordpress plug-in LiteSpeed Cache is installed on 5 million websites. Now IT researchers have discovered a critical security vulnerability in it. IT security researchers have discovered a critical ...

A critical vulnerability in the LiteSpeed Cache plugin has been identified, potentially exposing millions of WordPress sites to severe security risks. This flaw, discovered by John Blackbourn through ...

A new vulnerability in the LiteSpeed Cache plugin for WordPress has been identified that could allow unauthenticated attackers to inject malicious code into websites ...