Marcel SIneM(S)USOct 20, 2024
#Wordpress-Plug-in: Abermals gravierende Sicherheitslücke in #LitespeedCache | Security https://www.heise.de/news/Wordpress-Plug-in-Abermals-gravierende-Sicherheitsluecke-in-Litespeed-Cache-9975165.html #WordPressPlugIn #CMS #ContentManagementSystem #Patchday
Wordpress-Plug-in: Abermals gravierende Sicherheitslücke in Litespeed Cache

Auf mehr als sechs Millionen Websites lauert eine schwerwiegende Schwachstelle im Wordpress-Plug-in Litespeed Cache. Ein Update steht bereit.

heise online
Marcel SIneM(S)USSep 9, 2024
#WordPress-Plug-in #LiteSpeedCache erneut angreifbar | Security https://www.heise.de/news/WordPress-Plug-in-LiteSpeed-Cache-erneut-angreifbar-9859538.html #WordPressPlugin #Patchday
WordPress-Plug-in LiteSpeed Cache erneut angreifbar

Mehr als 6 Millionen WordPress-Websites setzen das Plug-in LiteSpeed Cache ein. Nun wurde abermals eine Sicherheitslücke geschlossen.

heise online
RF WaveSep 8, 2024

Software updates have been released for #LiteSpeedCache, a #Wordpressplugin, to address a critical vulnerability

The vulnerability is tracked as CVE-2024-44000, and when exploited, allows an attacker to log in as another user to Wordpress

Administrators are advised to patch ASAP

#cybersecurity

https://www.bleepingcomputer.com/news/security/litespeed-cache-bug-exposes-6-million-wordpress-sites-to-takeover-attacks/

LiteSpeed Cache bug exposes 6 million WordPress sites to takeover attacks

Yet, another critical severity vulnerability has been discovered in LiteSpeed Cache, a caching plugin for speeding up user browsing in over 6 million WordPress sites.

BleepingComputer
Show thread decioSep 6, 2024

encore et encore...

🩹 LiteSpeed Release v6.5.0.1 ( chagelog https://plugins.trac.wordpress.org/changeset/3146657/litespeed-cache/trunk )

"Critical Account Takeover Vulnerability Patched in LiteSpeed Cache Plugin"
👇
https://patchstack.com/articles/critical-account-takeover-vulnerability-patched-in-litespeed-cache-plugin/
⬇️
"LiteSpeed Cache bug exposes 6 million WordPress sites to takeover attacks

Yet, another critical severity vulnerability has been discovered in LiteSpeed Cache, a caching plugin for speeding up user browsing in over 6 million WordPress sites.

The flaw, tracked as CVE-2024-44000 and categorized as an unauthenticated account takeover issue, was discovered by Patchstack's Rafie Muhammad on August 22, 2024. A fix was made available yesterday with the release of LiteSpeed Cache version 6.5.0.1."
👇
https://www.bleepingcomputer.com/news/security/litespeed-cache-bug-exposes-6-million-wordpress-sites-to-takeover-attacks/

#CyberVeille #WordPress #LiteSpeedCache #CVE_2024_44000

Marcel SIneM(S)USAug 25, 2024
5 Millionen #Wordpress-Seiten gefährdet: Kritisches Leck in #LiteSpeedCache | Security https://www.heise.de/news/5-Millionen-Wordpress-Seiten-gefaehrdet-Kritisches-Leck-in-LiteSpeed-Cache-9843667.html #Patchday #WordPressPlugin
5 Millionen Wordpress-Seiten gefährdet: Kritisches Leck in LiteSpeed Cache

Das Wordpress-Plug-in LiteSpeed Cache ist auf 5 Millionen Seiten installiert. Nun haben IT-Forscher eine kritische Sicherheitslücke darin entdeckt.

heise online
kyu3(キューさん) Aug 23, 2024
#WordPress の人気プラグイン「#LiteSpeedCache」に重大な脆弱性があることが判明、数百万ものウェブサイトが乗っ取られる可能性も - GIGAZINE https://gigazine.net/news/20240823-wordpress-litespeed-cache-plugin-vulnerability/
WordPressの人気プラグイン「LiteSpeed Cache」に重大な脆弱性があることが判明、数百万ものウェブサイトが乗っ取られる可能性も

オープンソースのブログ用ソフトウェア兼コンテンツ管理システムであるWordPressは、2024年4月の時点で全ウェブサイトの43.4%で使われています。そんなWordPressの人気プラグインである「LiteSpeed Cache」に脆弱(ぜいじゃく)性があり、数百万ものウェブサイトが乗っ取られる可能性があると報じられました。

GIGAZINE
EvostrixAug 22, 2024
WordPress LiteSpeed Cache Plugin Vulnerability Gives Hackers Admin Control
Are you a WordPress user who relies on the LiteSpeed Cache plugin to keep your site running smoothly and efficiently? Well, you might want to pay attention to this latest development.
#WordPressSecurity #LiteSpeedCache #PluginVulnerability #CyberSecurity #HackerAlert #AdminControl #WebsiteSafety #WordPressHacks #OnlineSecurity #TechNews
https://cloudhosting.evostrix.eu/wordpress-litespeed-cache-plugin-vulnerability-gives-hackers-admin-control/
WordPress LiteSpeed Cache Plugin Vulnerability Gives Hackers Admin Control » Security

Are you a WordPress user who relies on the LiteSpeed Cache plugin to keep your site running smoothly and efficiently? Well, you might want to pay attention to

Evo Cloud
OSTechNixAug 22, 2024
Record-Breaking Bounty Awarded for LiteSpeed Cache Plugin Vulnerability #Litespeedcache #Wordpress #Plugin #Patchstack #Litespeed
https://ostechnix.com/litespeed-cache-plugin-vulnerability/
Record-Breaking Bounty Awarded For LiteSpeed Cache Plugin Vulnerability - OSTechNix

A security researcher has uncovered a critical vulnerability in the LiteSpeed Cache plugin. Patchstack has awarded a $14,400 bounty for the discovery.

OSTechNix
Neil BatchelorAug 21, 2024
If you use the #LiteSpeedCache plugin for #Wordpress: UPDATE!
Wordfence found that it was possible for an unauthenticated attacker to spoof their user ID in vulnerable versions, ultimately allowing them to register as an administrative-level user and completely take over a WordPress site.
https://www.wordfence.com/blog/2024/08/over-5000000-site-owners-affected-by-critical-privilege-escalation-vulnerability-patched-in-litespeed-cache-plugin/
Over 5,000,000 Site Owners Affected by Critical Privilege Escalation Vulnerability Patched in LiteSpeed Cache Plugin

📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Through October 14th, researchers can earn up to $31,200, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the rest. ...Read More

Wordfence
Rik MertensAug 21, 2024
#wordpress #litespeedcache Urgent announcement by Wordfence today. "We strongly advise users to update their [Wordpress] sites with the latest patched version of Litespeed Cache, version 6.4.1 at the time of this writing, as soon as possible."