The Vulnerability:
The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘esi’ shortcode in versions up to, and including, 5.6.
Makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
The Discover:
István Márton, wordfence security researcher.
The Solution:
Update LiteSpeed Cache patched the vulnerability in version 5.7, released to WordPress.org on October 10.
The References:
Make the switch to great hosting today!
Enjoy a risk-free trial with our 30-day money-back guarantee!
Hand-picked related articles
Maximizing E-commerce with Virtual Private Servers (VPS)
E-commerce sites rely on VPS due to their dependable performance, scalability, and flexibility. Performance: E-commerce websites need dependable and swift…
Kenapa perlu gunakan VPS (Virtual Private Server)?
VPS, atau Virtual Private Server, adalah sebuah jenis layanan hosting yang memberikan banyak manfaat, terutama untuk website atau aplikasi yang…
Apakah itu nama domain?
Nama domain ialah bahagian penting dalam internet—pada asasnya alamat yang anda taip ke dalam penyemak imbas untuk melawati laman web.…
Selamat Hari Raya Aidilfitri 2024
Selamat Hari Raya. Maaf Zahir & Batin. Untuk makluman, kami akan menutup operasi pejabat selama 2 hari iaitu 10 &…