Millions of WordPress sites are exposed to a serious security vulnerability. A flaw found in the LiteSpeed Cache plugin allows visitors to obtain admin-level access and take control of the site.

Identified as CVE-2024-28000, the flaw allows unauthenticated privilege escalation thanks to weak hash checking in LiteSpeed Cache version 6.3.0.1.

In general, exploitation paves the way for criminals to take control of the site: install malicious plugins, change critical settings, redirect traffic to malicious websites, and more. The problem affects not only the site owner but also all of its visitors.

To do this, the attacker only needed one piece of information: the identity of the website administrator. All they then had to do was supply it in a litespeed_role cookie to take control of the platform.

Fortunately, the flaw was reported by researcher John Blackbourn on August 1st of this year. The LiteSpeed team, aware of the exploit, developed a fix and released it in build 6.4, available since August 13th.

Although the issue has been resolved in the latest version, not all admins have updated their sites. According to statistics from the WordPress plugin repository, approximately 34.2% of the plugin's 5 million+ active installations are still running version 6.3.

When LiteSpeed Cache 6.4 was released, the package was deployed by thousands of users. Uptake of the update peaked at 990 thousand downloads last Monday (the 19th).

Update now

This is the second time in 2024 that LiteSpeed Cache has served as a gateway for malicious attacks. In May of this year, the CVE-2023-40000 flaw was discovered.

In that case, the flaw opened the door to a cross-site scripting attack that allowed the creation of admin users on vulnerable sites. This exploit was present in version 5.7.0.1 of the plugin.

Likewise, it is recommended that the patched update be installed immediately. “We strongly recommend that you update your sites to the patched version of LiteSpeed Cache, currently 6.4.1. We have no doubt that this vulnerability will be actively exploited soon,” said Chloe Chamberland, director of threat intelligence at Wordfence.
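For an administrator responsible for several sites, the practical task is to find every installation still below the fixed release. The following added example (not part of the article, and not Wordfence's or LiteSpeed's tooling) triages a constructed inventory of site-to-version pairs against the versions the article names: 6.4 as the release carrying the CVE-2024-28000 fix and 6.4.1 as the version Wordfence recommends. It compares versions numerically rather than as strings, since a string comparison would wrongly rank a hypothetical "6.10" below "6.4". The inventory contents are constructed; the wp-cli command in the comment is an assumption about how the version would be collected on a real host.

```python
import re

# Versions named in the article.
FIXED_VERSION = "6.4"        # release in which the CVE-2024-28000 fix shipped
RECOMMENDED_VERSION = "6.4.1"  # version Wordfence recommends at time of writing


def parse_version(version: str) -> tuple[int, ...]:
    """Turn '6.3.0.1' into (6, 3, 0, 1). Any trailing qualifier is ignored."""
    match = re.match(r"^\s*(\d+(?:\.\d+)*)", version)
    if not match:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(part) for part in match.group(1).split("."))


def version_lt(a: str, b: str) -> bool:
    """True if a < b numerically. Shorter tuples are padded with zeros so
    that '6.4' and '6.4.0' compare equal."""
    pa, pb = parse_version(a), parse_version(b)
    width = max(len(pa), len(pb))
    return pa + (0,) * (width - len(pa)) < pb + (0,) * (width - len(pb))


def is_vulnerable(version: str) -> bool:
    """Any release before the fixed one is exposed to CVE-2024-28000."""
    return version_lt(version, FIXED_VERSION)


def triage(inventory: dict[str, str]) -> dict[str, list[str]]:
    """Sort sites into three buckets: vulnerable, patched but behind the
    recommended version, and current. Site names are sorted for stable output."""
    buckets: dict[str, list[str]] = {"vulnerable": [], "behind": [], "current": []}
    for site, version in sorted(inventory.items()):
        if is_vulnerable(version):
            buckets["vulnerable"].append(site)
        elif version_lt(version, RECOMMENDED_VERSION):
            buckets["behind"].append(site)
        else:
            buckets["current"].append(site)
    return buckets


# Constructed inventory. On a real host each version would be collected with
# something like `wp plugin get litespeed-cache --field=version` (assumed
# wp-cli invocation; "litespeed-cache" is the plugin's wordpress.org slug).
SAMPLE_INVENTORY = {
    "shop.example": "6.3.0.1",   # the release the article names as flawed
    "blog.example": "6.4",       # carries the fix but not the latest patch
    "news.example": "6.4.1",     # current recommended version
    "old.example": "5.7.0.1",    # release affected by the earlier CVE-2023-40000
    "future.example": "6.10",    # hypothetical, to show numeric ordering
}


if __name__ == "__main__":
    for bucket, sites in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(sites) or '-'}")
```

Running it lists shop.example and old.example as vulnerable, blog.example as behind, and the rest as current; the "vulnerable" bucket is the list to patch first.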

Source: Tec Mundo
