XSS flaw in LiteSpeed Cache plugin exposes millions of WordPress sites at risk | allinfosecnews.com

Feb. 27, 2024, 3:29 p.m. | Pierluigi Paganini

Security Affairs securityaffairs.co

Researchers warn of an XSS vulnerability, tracked as CVE-2023-40000, in the LiteSpeed Cache plugin for WordPress Patchstack researchers warn of an unauthenticated site-wide stored XSS vulnerability, tracked as CVE-2023-40000, that impacts the LiteSpeed Cache plugin for WordPress. The plugin LiteSpeed Cache (free version) is a popular caching plugin in WordPress which has over 4 million active installations. An unauthenticated […]

cache caching cve flaw free hacking information security news it information security litespeed cache plugin millions patchstack pierluigi paganini plugin popular researchers risk security stored xss unauthenticated version vulnerability wordpress wordpress sites xss xss flaw

More from securityaffairs.co / Security Affairs

Panda Restaurant Group disclosed a data breach 2 hours ago | securityaffairs.co

breach breaking news cyber crime cybercrime +14

Ex-NSA employee sentenced to 262 months for attempting to transfer classified documents to Russia 15 hours ago | securityaffairs.co

agency breaking news classified colorado +16

Cuttlefish malware targets enterprise-grade SOHO routers 15 hours ago | securityaffairs.co

authentication black lotus black lotus labs cloud +26

A flaw in the R programming language could allow code execution 17 hours ago | securityaffairs.co

arbitrary code arbitrary code execution breaking news code +22

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall 1 day, 1 hour ago | securityaffairs.co

apt bypass china china great firewall +21

Notorious Finnish Hacker sentenced to more than six years in prison 1 day, 12 hours ago | securityaffairs.co

aleksanteri kivimäki breaking news center cyber crime +17

CISA guidelines to protect critical infrastructure against AI-based threats 1 day, 16 hours ago | securityaffairs.co

agency ai ai risks analysis +27

NCSC: New UK law bans default passwords on smart devices 2 days, 2 hours ago | securityaffairs.co

april ban bans breaking news +29

The FCC imposes $200 million in fines on four US carriers for unlawfully sharing user … 2 days, 4 hours ago | securityaffairs.co

access breaking news carriers communications +19

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Application Security Engineer - Remote Friendly

@ Unit21 | San Francisco,CA; New York City; Remote USA;

View on infosec-jobs.com

Cloud Security Specialist

@ AppsFlyer | Herzliya

View on infosec-jobs.com

Malware Analysis Engineer - Canberra, Australia

@ Apple | Canberra, Australian Capital Territory, Australia

View on infosec-jobs.com

Product CISO

@ Fortinet | Sunnyvale, CA, United States

View on infosec-jobs.com

Manager, Security Engineering

@ Thrive | United States - Remote

View on infosec-jobs.com