LiteSpeed Cache plugin for WordPress has a critical security vulnerability



Security researchers have found yet another critical vulnerability in the LiteSpeed Cache plugin for WordPress that allows threat actors to take over websites.

Four months after patching an unauthenticated cross-site scripting flaw, the popular optimization plugin was found vulnerable to a bug described as an “unauthenticated account takeover vulnerability”. In other words, an unauthenticated malicious visitor could abuse the hole to gain access to any logged-in user, including admin accounts. That, as you may presume, grants the attacker full access to the website to do with it as they please.

https://cdn.mos.cms.futurecdn.net/4dB7zyRNSR7f8BCMoB3JqQ-1200-80.jpg



Source link

Latest articles

spot_imgspot_img

Related articles

spot_imgspot_img