Exploitation of LiteSpeed Cache plugin bug on the rise

A critical vulnerability in the LiteSpeed Cache WordPress plugin tracked as CVE-2024-28000 is being actively exploited by hackers just one day after its technical details were made public, according to BleepingComputer.

The flaw affects all versions of the plugin up to 6.3.0.1 and allows attackers to escalate privileges without authentication, giving them the ability to create rogue administrator accounts. The vulnerability arises from a weak hash check in the plugin's user simulation feature, which can be brute-forced to gain unauthorized access. Exploitation of the flaw could lead to a complete takeover of affected websites, allowing the installation of malicious plugins, alteration of settings, traffic redirection, and data theft.

At present, only 30% of the over 5 million sites using LiteSpeed Cache have upgraded to a safe version, leaving millions of websites vulnerable. Wordfence reports having blocked over 48,500 attacks targeting the flaw in just the past 24 hours. Users are strongly advised to update to version 6.4.1 or uninstall the plugin immediately to mitigate the risk.
