Overview

Description

Advisory No: TZCERT/SA/2024/02/29

Date of First Release: 28^th February 2024

Source: securityaffairs

Software Affected:

• LiteSpeed Cache plugin for WordPress

Overview:

LiteSpeed Cache plugin for WordPress is affected by a vulnerability tracked as CVE-2023-40000 which allows unauthenticated site-wide stored XSS. Remote attacker can exploit the vulnerability to steal sensitive information or gain escalated privilege on the WordPress site.

Description:

The plugin LiteSpeed Cache (free version), a popular caching plugin in WordPress with over 4 million active installations is vulnerable due to the way it handles input from the user as it does not sanitize and escape the output. The vulnerability resides in the function ‘update_cdn_status’; where it stems from the construction of an HTML value directly from the POST body parameter for the admin notice message. Successful exploitation of this vulnerability allows unauthenticated stored XSS resulting in to stealing of sensitive information or privilege escalation on the WordPress site with a single HTTP request

Impact:

Successful exploitation of this vulnerability may allow the remote attacker to gain access to sensitive information.

Solution:

WordPress has released security update to resolve this vulnerability. Users and administrations are encouraged to update as soon as possible.

References:

1. https://securityaffairs.com/159667/hacking/litespeed-cache-plugin-xss.html

Impact

Solution

References