Worrying WordPress plugin security flaw could let hackers hijack your site

3 weeks ago

(Image credit: Pixabay)

LiteSpeed Cache, an immensely celebrated WordPress plugin for tract capacity optimization, suffered from a vulnerability which allowed threat actors to summation admin status.

With specified elevated privileges, they would beryllium capable to execute each sorts of malicious activities connected nan compromised websites.

According to researchers from Patchstack, nan vulnerability was discovered successful nan is_role_simulation function, and it is comparatively akin to a different vulnerability that was discovered past summer. The usability apparently utilized a anemic information hash cheque that could beryllium surgery pinch brute force, granting nan attackers nan expertise to maltreatment nan crawler characteristic and simulate a logged-in administrator.

Who is vulnerable?

There are a fewer factors that request to align earlier nan vulnerability tin beryllium abused, though.

That includes having nan crawler turned on, pinch tally long betwixt 2500 and 4000, and nan intervals betwixt runs being group to 2500- 4000. Furthermore, Server Load Limit should beryllium group to 9, Role Simulation to 1 (ID of personification pinch admin role), and Turn each statement to OFF isolated from Administrator should beryllium activated.

The vulnerability is now tracked arsenic CVE-2024-50550, and has a severity people of 8.1 (high severity). It was already patched, pinch nan type 6.5.2 of nan plugin being nan earliest cleanable one. LiteSpeed Cache is 1 of nan astir celebrated plugins of its kind, pinch much than six cardinal progressive installations.

There is nary talk of immoderate grounds of in-the-wild abuse, truthful chances are cybercrooks person not picked up connected nan vulnerability successful nan past.

Sign up to nan TechRadar Pro newsletter to get each nan apical news, opinion, features and guidance your business needs to succeed!

However, now that nan spot is public, it’s only a matter of clip earlier they commencement scanning for susceptible websites. Currently, almost three-quarters (72.1%) of each LiteSpeed Cache websites are moving nan latest version, 6.5, pinch 6.7% moving 6.4, and a notable 21.2% moving “other” versions. Therefore, astatine slightest 27.6% of sites could beryllium targeted, which is much than 1.6 million.

More from TechRadar Pro

Another apical WordPress plugin has a awesome information flaw — and millions of sites could beryllium affected
Here's a database of nan best firewalls today
These are nan best endpoint protection tools correct now

Sead is simply a seasoned freelance journalist based successful Sarajevo, Bosnia and Herzegovina. He writes astir IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, information breaches, laws and regulations). In his career, spanning much than a decade, he’s written for galore media outlets, including Al Jazeera Balkans. He’s besides held respective modules connected contented penning for Represent Communications.

Source Technology