New LiteSpeed Cache Vulnerability Puts 6 Million Sites at Risk

10 months ago

An unauthenticated account takeover vulnerability in the LiteSpeed Cache WordPress plugin puts millions of sites at risk

A New LiteSpeed Cache Vulnerability

Another vulnerability was discovered in the LiteSpeed Cache WordPress plugin: an unauthenticated privilege escalation that could lead to a full site takeover. Unfortunately, updating to the latest version of the plugin may not be enough to resolve the issue.

LiteSpeed Cache Plugin

The LiteSpeed Cache plugin is a website performance optimization plugin that has over 6 million installations. A cache plugin stores a static copy of the data used to generate a web page so that the server doesn't have to repeatedly fetch the exact same page elements from the database every time a browser requests a web page.

Storing the page in a "cache" reduces the server load and speeds up the time it takes to deliver a web page to a browser or a crawler.

LiteSpeed Cache also performs other page speed optimizations, like compressing CSS and JavaScript files (minifying), putting the most important CSS for rendering a page into the HTML code itself (inlined CSS), and other optimizations that together make a site faster.

Unauthenticated Privilege Escalation

An unauthenticated privilege escalation is a kind of vulnerability that allows an attacker to gain site access privileges without having to sign in as a user. This makes it easier to compromise a site compared to an authenticated vulnerability, which requires the attacker to first obtain a certain privilege level before being able to execute the attack.

Unauthenticated privilege escalation typically occurs because of a flaw in a plugin (or theme), and in this case the flaw is a data leak.

Patchstack, the security company that discovered the vulnerability, writes that the vulnerability can only be exploited under two conditions:

“Active debug log feature on the LiteSpeed Cache plugin.

Has activated the debug log feature once before (not currently active now) and the /wp-content/debug.log file is not purged or removed.”

Discovered By Patchstack

The vulnerability was discovered by researchers at Patchstack, a WordPress security company that offers a free vulnerability warning service and advanced protection for as little as $5/month.

Oliver Sild, founder of Patchstack, explained to Search Engine Journal how this vulnerability was discovered and warned that updating the plugin is not enough: a user still needs to manually purge their debug logs.

He shared these specifics about the vulnerability:

“It was found by our internal researcher after we processed the vulnerability from a few weeks ago.

Important thing to keep in mind with this new vulnerability is that even when it gets patched, the users still need to purge their debug logs manually. It’s also a good reminder not to keep debug mode enabled in production.”

Recommended Course of Action

Patchstack recommends that users of the LiteSpeed Cache WordPress plugin update to at least version 6.5.0.1.
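The two exploitation conditions quoted above and this recommended course of action (update to 6.5.0.1 or later, then purge the debug log by hand) can be turned into a triage script an administrator runs against each install. The script below is an added example written for this page; it is not code from the article, from Patchstack or from LiteSpeed. It assumes the WordPress document root is passed as the first argument, that WP-CLI is installed for the version lookup, that the plugin's WordPress.org slug is litespeed-cache, and, for the optional HTTP check, that the public site URL is passed as the second argument. Checking /wp-content/debug.log over HTTP matters because a leftover log in a web-served directory is readable by anyone even after the plugin's debug feature has been switched off. The WP_DEBUG check on wp-config.php is general WordPress hygiene in the spirit of the "not in production" reminder, not the plugin's own debug-log switch.

```shell
#!/bin/sh
# Added example (not from the article, Patchstack or LiteSpeed).
# Assumes: $1 = WordPress document root, $2 = public site URL (optional),
# WP-CLI installed, plugin slug litespeed-cache.

PATCHED_VERSION="6.5.0.1"

# version_lt A B: succeeds when dot-separated version A is older than B.
# Missing trailing fields count as 0, so 6.5 == 6.5.0.0 and 6.5 < 6.5.0.1.
# Non-digit characters in a field (e.g. "1-beta") are ignored.
version_lt() {
  a_rest="$1."
  b_rest="$2."
  while [ -n "$a_rest" ] || [ -n "$b_rest" ]; do
    a=${a_rest%%.*}; a_rest=${a_rest#*.}
    b=${b_rest%%.*}; b_rest=${b_rest#*.}
    a=$(printf '%s' "$a" | tr -cd '0-9'); a=${a:-0}
    b=$(printf '%s' "$b" | tr -cd '0-9'); b=${b:-0}
    if [ "$a" -lt "$b" ]; then
      return 0
    elif [ "$a" -gt "$b" ]; then
      return 1
    fi
  done
  return 1   # versions are equal
}

# installed_version DOCROOT: print the installed LiteSpeed Cache version
# via WP-CLI, or nothing if WP-CLI is missing or the plugin is not installed.
installed_version() {
  command -v wp >/dev/null 2>&1 || return 1
  wp plugin get litespeed-cache --field=version --path="$1" 2>/dev/null
}

# debug_log_present DOCROOT: Patchstack's second condition, a debug.log left
# on disk even though logging may no longer be active.
debug_log_present() {
  [ -f "$1/wp-content/debug.log" ]
}

# debug_log_exposed SITE_URL: is the file served to an unauthenticated client?
# Needs curl and network access; reports "not exposed" if curl is absent.
debug_log_exposed() {
  code=$(curl -s -o /dev/null --max-time 10 -w '%{http_code}' \
         "$1/wp-content/debug.log" 2>/dev/null || echo 000)
  [ "$code" = "200" ]
}

# purge_debug_log DOCROOT: the manual step Patchstack says the update alone
# does not perform.
purge_debug_log() {
  rm -f "$1/wp-content/debug.log"
}

# debug_mode_on DOCROOT: WP_DEBUG or WP_DEBUG_LOG defined true in wp-config.php.
debug_mode_on() {
  grep -Eq "define\([[:space:]]*['\"]WP_DEBUG(_LOG)?['\"][[:space:]]*,[[:space:]]*true" \
       "$1/wp-config.php" 2>/dev/null
}

# triage DOCROOT [SITE_URL]: print findings; return 1 if action is required.
triage() {
  docroot=$1; site=${2-}; rc=0
  v=$(installed_version "$docroot" || true)
  if [ -n "$v" ] && version_lt "$v" "$PATCHED_VERSION"; then
    echo "UPDATE: litespeed-cache $v is older than $PATCHED_VERSION"; rc=1
  fi
  if debug_log_present "$docroot"; then
    echo "PURGE: $docroot/wp-content/debug.log still exists"; rc=1
    if [ -n "$site" ] && debug_log_exposed "$site"; then
      echo "EXPOSED: $site/wp-content/debug.log is served with HTTP 200"
    fi
  fi
  if debug_mode_on "$docroot"; then
    echo "WARN: WP_DEBUG or WP_DEBUG_LOG is enabled in wp-config.php"
  fi
  return $rc
}

# Usage: sh litespeed_triage.sh /var/www/html https://example.com
if [ -n "${1-}" ]; then
  triage "$1" "${2-}"
fi
```

The version comparison is written by hand rather than with `sort -V` so the script behaves the same on BSD and GNU userlands, and `installed_version` is wrapped in `|| true` so a missing WP-CLI degrades to "version unknown" instead of aborting a run that has `set -e` in effect. Run it once before the update (expect UPDATE and PURGE), apply the update, call `purge_debug_log`, then run it again and confirm it exits 0.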

Read the advisory at Patchstack:

Critical Account Takeover Vulnerability Patched in LiteSpeed Cache Plugin


SEJ STAFF Roger Montti, Owner, Martinibuster.com