all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk

Add to bookmarks
Feb. 27, 2024, 2:43 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges.
Tracked as CVE-2023-40000, the vulnerability was addressed in October 2023 in version 5.7.0.1.
"This plugin suffers from unauthenticated site-wide stored [cross-site scripting] vulnerability and could allow any unauthenticated user

cache cross-site cve enable october plugin plugin vulnerability privileges risk scripting security security vulnerability unauthenticated version vulnerability wordpress

Visit resource

More from thehackernews.com / The Hacker News

Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw an hour ago | thehackernews.com
attack attack chain cobalt cobalt strike +19
Bogus npm Packages Used to Trick Software Developers into Installing Malware 8 hours ago | thehackernews.com
backdoor bogus campaign cybersecurity +25
Severe Flaws Disclosed in Brocade SANnav SAN Management Software 23 hours ago | thehackernews.com
application area brocade compromise +17
10 Critical Endpoint Security Tips You Should Know 1 day, 3 hours ago | thehackernews.com
breaches business connectivity critical +20
New 'Brokewell' Android Malware Spread Through Fake Browser Updates 1 day, 3 hours ago | thehackernews.com
analysis android android malware banking +15
Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack 1 day, 3 hours ago | thehackernews.com
alto attack command critical +23
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites 1 day, 8 hours ago | thehackernews.com
accounts admin automatic bug +18
North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures 1 day, 21 hours ago | thehackernews.com
access actor binary called +19
Network Threats: A Step-by-Step Attack Demonstration 2 days, 2 hours ago | thehackernews.com
access advanced attack attackers +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Open-Source Intelligence (OSINT) Policy Analyst (TS/SCI)

@ WWC Global | Reston, Virginia, United States
View on infosec-jobs.com

Security Architect (DevSecOps)

@ EUROPEAN DYNAMICS | Brussels, Brussels, Belgium
View on infosec-jobs.com

Infrastructure Security Architect

@ Ørsted | Kuala Lumpur, MY
View on infosec-jobs.com

Contract Penetration Tester

@ Evolve Security | United States - Remote
View on infosec-jobs.com

Senior Penetration Tester

@ DigitalOcean | Canada
View on infosec-jobs.com
View more jobs