On August 19, 2024, a critical vulnerability was identified in the LiteSpeed Cache plugin, used by over 5 million WordPress sites. This flaw allows an unauthenticated attacker to impersonate an administrator, compromising the site's full integrity.
Technical details
The fault was discovered by WordFence.
It affects all versions of the LiteSpeed Cache plugin up to version 6.3.0.1. By exploiting a bug in the role simulation function, an attacker can use a hash to impersonate an administrator. Once this hash has been obtained, he can create an administrator account via the WordPress REST API, enabling him to take control of the site.
The hash used is only six characters long, making it vulnerable to brute-force attacks. What's more, if debugging logs can be accessed, this hash can be easily recovered by an attacker.
What to do?
Don't underestimate this vulnerability. Threats of this type can quickly turn into disasters if not dealt with in time.
The solution is simple: update LiteSpeed Cache to version 6.4.1 or higher. This update corrects the flaw.
If you use Wordfence Premium, Care or Response, a firewall rule was deployed on August 20, 2024 to protect you. Users of the free version will receive this protection from September 19, 2024.
How do you stay protected?
With the WordPress Toolkit on LRob accommodationyou would have been automatically alerted by e-mail of the vulnerability and the update could have been automatic 😎. Backup is complete and daily at LRob, with a full 1-year retention!
A good way to stay one step ahead of security threats.
Leave a Reply