近日，有研究人员在插件的用户模拟功能中发现了未经身份验证的权限升级漏洞 (CVE-2024-28000)，该漏洞是由 LiteSpeed Cache 6.3.0.1 及以下版本中的弱散列检查引起的。这个漏洞可能会让攻击者在创建恶意管理员账户后接管数百万个网站。 LiteSpeed Cache 是开源的，也是 ...

Another vulnerability was discovered in the LiteSpeed Cache WordPress plugin—an Unauthenticated Privilege Escalation that could lead to a total site takeover. Unfortunately, updating to the latest ...

感谢IT之家网友 咩咩洋 的线索投递！ IT之家 8 月 23 日消息，科技媒体 bleepingcomputer 昨日（8 月 22 日）发布博文，报道称 LiteSpeed Cache WordPress 插件存在“关键”漏洞，攻击者利用该漏洞可以创建恶意管理员账号，接管数百万 WordPress 网站。 LiteSpeed Cache 简介 IT之家 ...

WordPress, an open source blog software and content management system, is used by 43.4% of all websites as of April 2024. It has been reported that a popular WordPress plugin , LiteSpeed Cache, is ...

A serious vulnerability in the Wordpress plug-in Litespeed Cache lurks on more than six million websites. An update is available. The Wordpress plug-in Litespeed Cache is extremely popular. It has ...

A new vulnerability in the LiteSpeed Cache plugin for WordPress has been identified that could allow unauthenticated attackers to inject malicious code into websites ...

LiteSpeed Cache (free version), arguably the world’s most popular WordPress plugin for site optimization, was vulnerable in a way that allowed hackers to obtain admin-level privileges and essentially ...

The popular LiteSpeed WordPress plugin patched a vulnerability that compromised over 4 million websites, allowing hackers to upload malicious scripts. LiteSpeed was notified of the vulnerability two ...