Critical Flaw in LiteSpeed Cache Plugin

No headings were found on this page.

Get up to 50% off now

Become a partner with CyberPanel and gain access to an incredible offer of up to 50% off on CyberPanel add-ons. Plus, as a partner, you’ll also benefit from comprehensive marketing support and a whole lot more. Join us on this journey today!

Cybersecurity researchers have identified a severe vulnerability in WordPress’s LiteSpeed Cache plugin that could allow unauthenticated users to gain control of arbitrary accounts. This vulnerability, known as CVE-2024-44000, has been assigned a CVSS score of 7.5 and affects all versions up to and including 6.4.1. The issue has been resolved in the latest update, version 6.5.0.1.

Rafie Muhammad from Patchstack explained that the vulnerability arises from the plugin’s unauthenticated account takeover flaw. This means that any visitor without authentication could potentially gain access to the accounts of logged-in users, including those with administrator privileges. If exploited, this could allow attackers to upload and install malicious plugins.

This critical flaw follows the recent discovery of another serious issue in the plugin, CVE-2024-28000, which had a CVSS score of 9.8. LiteSpeed Cache, a widely used caching plugin with over 5 million active installations, was found to have a debug log file named “/wp-content/debug.log” that was publicly accessible. This exposed potentially sensitive information, including user cookies within HTTP response headers, enabling unauthorized login to the site with any active session.

The severity of the issue is mitigated by the fact that the debug feature must be enabled for the vulnerability to be exploited. Sites that had previously enabled debug logging but failed to remove the log file are also at risk. By default, the debug feature is disabled, but if it was enabled at any time, it’s crucial to address this vulnerability.

The update addresses the issue by relocating the debug log file to a secure folder within the LiteSpeed plugin directory (“/wp-content/litespeed/debug/”), randomizing filenames, and removing the option to log cookies. Users are advised to check for the presence of the “/wp-content/debug.log” file and delete it if the debug feature was previously enabled.

Additionally, it’s recommended to configure an .htaccess rule to prevent direct access to log files, as attackers might still find a way to access the new log file through a trial-and-error method if they know the filename.

Tech Delivered to Your Inbox!

Get exclusive access to all things tech-savvy, and be the first to receive

the latest updates directly in your inbox.

“This incident underscores the critical need for securing debug log processes, managing logged data appropriately, and handling log file access,” Muhammad added.

Ashmal ur Rehman

I'm an experienced Product and Community Marketing Specialist with a demonstrated history of working in the field of information technology and SaaS industries. Skilled in Technical Writing, Community Engagement, Product/Customer Advocate, e-commerce platforms (Magento & PHP), and Managed Cloud Services.

Unlock Benefits

Become a Community Member

New Year discount limited time 25% off on our life-time plans using code: LMT25

Try our free employee tracking app! Sign up now – click here

CyberPanel Features

Backup

Wordpress Manager

More Features

Docker app

Support

Email Tester

FTP Manager

MySQL Manager

Firewall Management

SSL Manager

CYBERPANEL

Free Managed Email Service

Test Email Delivery

CyberPanel Repo

RESOURCES

SUPPORT

PARTNERS

DEVELOPERS

Critical Flaw in LiteSpeed Cache Plugin Allows Account Takeover

Table of Contents

Reviews 75 • Excellent

4.4 ⓘ

Other Projects

Company

Resources

Reviews 75 • Excellent

4.4 ⓘ

Other Projects

Company

Resources