The Vulnerability:
The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘esi’ shortcode in versions up to, and including, 5.6.
Makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
The Discover:
István Márton, wordfence security researcher.
The Solution:
Update LiteSpeed Cache patched the vulnerability in version 5.7, released to WordPress.org on October 10.
The References:
Make the switch to great hosting today!
Enjoy a risk-free trial with our 30-day money-back guarantee!
Hand-picked related articles
Spam Prevention For Your Email
Spam e-mail messages can fill your inbox, put your security at risk, and generally do not save time. Below you…
Common Myths About Domain Name
There are certain misconceptions which need to be cleared up to avoid business owners and website developers being misled when…
Tips For Picking The Best Domain Name
Selecting the correct domain name is crucial for building a good online visibility. Your domain represents: Here are five tips…
Domain Name Trends: What’s Hot in 2024?
Choosing a domain name is important but can sometimes be confusing. If you are looking for a suitable name for…