URL: https://www.bitdefender.com/en-gb/blog/hotforsecurity/litespeed-cache-plugin-vulnerability-exposes-wordpress-admin-access/

Industry News



LITESPEED CACHE PLUGIN VULNERABILITY EXPOSES WORDPRESS ADMIN ACCESS

Vlad CONSTANTINESCU

November 01, 2024


LiteSpeed Cache, a popular WordPress plugin, was recently patched against a
serious security flaw that let attackers take over vulnerable websites.

The flaw, tracked as CVE-2024-50550, is a privilege escalation issue that
allowed unauthenticated visitors to obtain administrator-level access to
affected WordPress sites.


DISCOVERY AND IMPACT OF CVE-2024-50550

A Taiwanese researcher identified the flaw and reported it to WordPress security
firm Patchstack on September 23. The issue stems from a weak hash check in
LiteSpeed Cache's "role simulation" feature, which lets the plugin's crawler
pre-cache pages as they appear to users of different roles.



The function is_role_simulation() relied on litespeed_hash and
litespeed_flash_hash, two values read from the visitor's cookies and compared
against values stored on the server. However, those values were generated with
too little randomness: the set of possible values was small enough that an
attacker could enumerate them, present a matching cookie, and be treated as
the simulated (administrator) role.


COMPANY RELEASED PATCHED VERSION OF VULNERABLE PLUGIN

Although the vulnerability has since been patched, its severity should not be
underestimated: by guessing the weak hash values, an unauthenticated attacker
could impersonate an administrator.

After gaining admin privileges, perpetrators could potentially deploy malicious
plugins, alter website content, access backend databases, or deploy backdoors
for persistence.

The severity of the vulnerability increases significantly, considering that the
affected plugin is installed on approximately six million WordPress websites.


TIMELINE OF EVENTS AND THREAT RESPONSE

After the flaw was reported, Patchstack alerted LiteSpeed Technologies, the
company behind the affected plugin. By October 10, a proof-of-concept (PoC)
exploit had been developed and shared with LiteSpeed to help the developers
address the issue.

A week later, the company released a patched version (6.5.2) of the plugin that
generates the hash values with stronger randomness, removing the small value
space that made the brute-force attack feasible.


MITIGATING POTENTIAL RISKS

Unfortunately, by late October, only about two million websites had prioritized
updating vulnerable plugins to a safe version, leaving an estimated four million
still at risk of being targeted by potential exploits.

Website owners and administrators should prioritize updating the plugin to
version 6.5.2 or later (ideally the latest release) to protect against attacks
targeting the weak hashes.
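To tell whether a given install still runs a pre-6.5.2 build, the plugin's version can be read from the standard WordPress plugin header. The following is an added check, not code from the article or the plugin; it parses a constructed sample header (the real one would be read from the plugin's main PHP file, assumed to be wp-content/plugins/litespeed-cache/litespeed-cache.php) and compares the version numerically, so that 6.5.10 correctly ranks after 6.5.2. `parse_plugin_version`, `version_key`, `is_vulnerable` and `audit` are names chosen for this example.

```python
import re
from typing import Optional, Tuple

FIXED_VERSION = "6.5.2"   # first patched release named in the article

# Constructed sample of a WordPress plugin file header (not the real file).
SAMPLE_HEADER = """<?php
/**
 * Plugin Name: LiteSpeed Cache
 * Version: 6.5.1
 */
"""


def parse_plugin_version(header_text: str) -> Optional[str]:
    """Extract the 'Version:' line WordPress uses as plugin metadata."""
    m = re.search(
        r"^\s*\*?\s*Version:\s*([0-9][0-9A-Za-z.\-]*)\s*$",
        header_text,
        re.MULTILINE,
    )
    return m.group(1) if m else None


def version_key(v: str) -> Tuple[int, ...]:
    """Numeric tuple so that 6.5.10 > 6.5.2 (a string compare gets this wrong).
    Non-numeric pieces such as 'rc1' count as 0."""
    parts = []
    for piece in re.split(r"[.\-]", v):
        m = re.match(r"\d+", piece)
        parts.append(int(m.group()) if m else 0)
    return tuple(parts)


def is_vulnerable(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed version is older than the first fixed release."""
    a, b = version_key(installed), version_key(fixed)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))   # pad so 6.4 compares as 6.4.0
    b += (0,) * (width - len(b))
    return a < b


def audit(header_text: str) -> dict:
    """Report the parsed version and whether it predates the fix."""
    v = parse_plugin_version(header_text)
    return {"version": v, "vulnerable": v is not None and is_vulnerable(v)}


if __name__ == "__main__":
    print(audit(SAMPLE_HEADER))
```

On a live site the same comparison can be driven from whatever version source is already trusted (the plugin file header as here, or the version string shown in the WordPress plugins screen); the point is the numeric comparison against 6.5.2, not the input method.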



Copyright © 1997 - 2024 Bitdefender.