Critical security flaw in the LiteSpeed Cache WordPress plugin: 5 million sites affected

On 19 August 2024, a critical vulnerability was identified in the LiteSpeed Cache plugin, used by more than 5 million WordPress sites. This flaw allows an unauthenticated attacker to impersonate an administrator, thereby compromising the complete integrity of the site.

Technical Details

The flaw was discovered by Wordfence.

It affects all versions of the LiteSpeed Cache plugin up to and including version 6.3.0.1. By exploiting a bug in the role simulation function, an attacker can use a hash to impersonate an administrator. Once this hash has been obtained, the attacker can create an administrator account via the WordPress REST API and take control of the site.

The hash used is only six characters long, which leaves it open to brute-force attacks. In addition, if the debugging logs are accessible, the hash can be recovered directly from them.

What to do?

Don't underestimate this vulnerability. Threats of this type can quickly turn into disasters if they are not dealt with in time.

The solution is simple: update LiteSpeed Cache to version 6.4.1 or higher. This update fixes the flaw.
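A quick way to audit a fleet of sites for this remediation is to read the version from each plugin's main file header and compare it against the fixed version named above. The example below is added here and is not code from the post, from LiteSpeed or from Wordfence; it assumes the standard WordPress plugin header format (a `Version:` line in the file's header comment) and uses a constructed sample header rather than a real plugin path.

```python
"""Check WordPress plugin header versions against the fixed version.

Added example (not from the original post). It parses the "Version:" line
of a WordPress plugin's main PHP file header and compares it numerically,
so that 6.3.0.1 < 6.4.1 is handled correctly (string comparison would not).
"""
import re
from typing import Tuple

# Remediation stated in the post: update LiteSpeed Cache to 6.4.1 or higher.
LITESPEED_FIXED_VERSION = "6.4.1"

# Matches the "Version:" line of a WordPress plugin file header comment.
VERSION_RE = re.compile(r"^\s*\*?\s*Version:\s*(\S+)", re.MULTILINE | re.IGNORECASE)

# Constructed sample of a plugin header (not a real file); the path a
# scanner would read is a placeholder such as <wp-root>/wp-content/plugins/<plugin>/<plugin>.php
SAMPLE_HEADER = """<?php
/**
 * Plugin Name: LiteSpeed Cache
 * Version: 6.3.0.1
 */
"""


def parse_plugin_version(header_text: str) -> str:
    """Return the 'Version:' value from a WordPress plugin file header."""
    match = VERSION_RE.search(header_text)
    if not match:
        raise ValueError("no Version: line found in plugin header")
    return match.group(1)


def version_tuple(version: str) -> Tuple[int, ...]:
    """Split a dotted version into integers, dropping suffixes like '-beta'.
    Tuple comparison orders 6.10 above 6.9 and 6.3.0.1 below 6.4.1."""
    core = re.split(r"[^0-9.]", version, maxsplit=1)[0]
    return tuple(int(part) for part in core.split(".") if part)


def needs_update(version: str, fixed: str = LITESPEED_FIXED_VERSION) -> bool:
    """True when the installed version is below the fixed version."""
    return version_tuple(version) < version_tuple(fixed)


if __name__ == "__main__":
    installed = parse_plugin_version(SAMPLE_HEADER)
    status = "UPDATE REQUIRED" if needs_update(installed) else "ok"
    print(f"LiteSpeed Cache {installed}: {status} (fixed in {LITESPEED_FIXED_VERSION})")
```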

If you use Wordfence Premium, Care or Response, a firewall rule was deployed on 20 August 2024 to protect you. Users of the free version will receive this protection from 19 September 2024.

How can I stay protected?

With the WordPress Toolkit on LRob hosting, you would have been automatically alerted by email of the vulnerability, and the update could have been applied automatically 😎. Backups at LRob are complete and daily, with a retention of 1 full year! A good way of staying one step ahead of security threats.
