XSS flaw in LiteSpeed Cache plugin exposes millions of WordPress sites at risk | allinfosecnews.com

Feb. 27, 2024, 3:29 p.m. | Pierluigi Paganini

Security Affairs securityaffairs.co

Researchers warn of an XSS vulnerability, tracked as CVE-2023-40000, in the LiteSpeed Cache plugin for WordPress Patchstack researchers warn of an unauthenticated site-wide stored XSS vulnerability, tracked as CVE-2023-40000, that impacts the LiteSpeed Cache plugin for WordPress. The plugin LiteSpeed Cache (free version) is a popular caching plugin in WordPress which has over 4 million active installations. An unauthenticated […]

cache caching cve flaw free hacking information security news it information security litespeed cache plugin millions patchstack pierluigi paganini plugin popular researchers risk security stored xss unauthenticated version vulnerability wordpress wordpress sites xss xss flaw

More from securityaffairs.co / Security Affairs

North Korea-linked IT workers infiltrated hundreds of US firms 15 hours ago | securityaffairs.co

arizona breaking news charged charges +15

Turla APT used two new backdoors to infiltrate a European ministry of foreign affairs 1 day, 9 hours ago | securityaffairs.co

apt backdoor backdoors breach +18

City of Wichita disclosed a data breach after the recent ransomware attack 1 day, 17 hours ago | securityaffairs.co

attack breach breaking news city +19

CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog 1 day, 20 hours ago | securityaffairs.co

agency binding operational directive bod breaking news +24

CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog 1 day, 22 hours ago | securityaffairs.co

agency breaking news catalog chrome +35

North Korea-linked Kimsuky APT attack targets victims via Messenger 1 day, 23 hours ago | securityaffairs.co

accounts agency amp analysis +32

Electronic prescription provider MediSecure impacted by a ransomware attack 2 days, 9 hours ago | securityaffairs.co

attack australia breaking news cyber +26

Google fixes seventh actively exploited Chrome zero-day this year, the third in a week 2 days, 17 hours ago | securityaffairs.co

actively exploited address attacks breaking news +26

Santander: a data breach at a third-party provider impacted customers and employees 2 days, 22 hours ago | securityaffairs.co

aware bank breach breaking news +18

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Sr. Staff Firmware Engineer – Networking & Firewall

@ Axiado | Bengaluru, India

View on infosec-jobs.com

Compliance Architect / Product Security Sr. Engineer/Expert (f/m/d)

@ SAP | Walldorf, DE, 69190

View on infosec-jobs.com

SAP Security Administrator

@ FARO Technologies | EMEA-Portugal

View on infosec-jobs.com