fbpx
Search
Close this search box.

Critical Flaw in LiteSpeed Cache Plugin Allows Account Takeover

Critical Security Flaw Discovered in LiteSpeed Cache Plugin

Table of Contents

Get up to 50% off now

Become a partner with CyberPanel and gain access to an incredible offer of up to 50% off on CyberPanel add-ons. Plus, as a partner, you’ll also benefit from comprehensive marketing support and a whole lot more. Join us on this journey today!

Cybersecurity researchers have identified a severe vulnerability in WordPress’s LiteSpeed Cache plugin that could allow unauthenticated users to gain control of arbitrary accounts. This vulnerability, known as CVE-2024-44000, has been assigned a CVSS score of 7.5 and affects all versions up to and including 6.4.1. The issue has been resolved in the latest update, version 6.5.0.1.

Rafie Muhammad from Patchstack explained that the vulnerability arises from the plugin’s unauthenticated account takeover flaw. This means that any visitor without authentication could potentially gain access to the accounts of logged-in users, including those with administrator privileges. If exploited, this could allow attackers to upload and install malicious plugins.

This critical flaw follows the recent discovery of another serious issue in the plugin, CVE-2024-28000, which had a CVSS score of 9.8. LiteSpeed Cache, a widely used caching plugin with over 5 million active installations, was found to have a debug log file named “/wp-content/debug.log” that was publicly accessible. This exposed potentially sensitive information, including user cookies within HTTP response headers, enabling unauthorized login to the site with any active session.

The severity of the issue is mitigated by the fact that the debug feature must be enabled for the vulnerability to be exploited. Sites that had previously enabled debug logging but failed to remove the log file are also at risk. By default, the debug feature is disabled, but if it was enabled at any time, it’s crucial to address this vulnerability.

The update addresses the issue by relocating the debug log file to a secure folder within the LiteSpeed plugin directory (“/wp-content/litespeed/debug/”), randomizing filenames, and removing the option to log cookies. Users are advised to check for the presence of the “/wp-content/debug.log” file and delete it if the debug feature was previously enabled.

Additionally, it’s recommended to configure an .htaccess rule to prevent direct access to log files, as attackers might still find a way to access the new log file through a trial-and-error method if they know the filename.

Tech Delivered to Your Inbox!

Get exclusive access to all things tech-savvy, and be the first to receive 

the latest updates directly in your inbox.

“This incident underscores the critical need for securing debug log processes, managing logged data appropriately, and handling log file access,” Muhammad added.

Ashmal ur Rehman
I'm an experienced Product and Community Marketing Specialist with a demonstrated history of working in the field of information technology and SaaS industries. Skilled in Technical Writing, Community Engagement, Product/Customer Advocate, e-commerce platforms (Magento & PHP), and Managed Cloud Services.
Unlock Benefits

Become a Community Member

SIMPLIFY SETUP, MAXIMIZE EFFICIENCY!
Setting up CyberPanel is a breeze. We’ll handle the installation so you can concentrate on your website. Start now for a secure, stable, and blazing-fast performance!

CyberPanel Giveaway! 🚨

Win a 100GB premium backup for 365 days – absolutely FREE!