A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges.
Tracked as CVE-2023-40000, the vulnerability was addressed in October 2023 in version 5.7.0.1.
LiteSpeed Cache, which is used to improve site performance, has more than five million installations. The latest version of the plugin is 6.1, which was released on February 5, 2024.
The WordPress security company said CVE-2023-40000 is the result of a lack of user input sanitization and escaping output. The vulnerability is rooted in a function named update_cdn_status() and can be reproduced in a default installation.
The disclosure arrives four months after Wordfence revealed another XSS flaw in the same plugin (CVE-2023-4372, CVSS score: 6.4) due to insufficient input sanitization and output escaping on user supplied attributes. It was addressed in version 5.7.
“This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page,” István Márton said.
Source: https://thehackernews.com/