CyberSecurity SEE

A Single HTTP Request Can Vulnerabilize 6M WordPress Sites


A vulnerability in a popular WordPress plug-in has been identified, putting millions of websites at risk of attack. The flaw is a cross-site scripting (XSS) vulnerability that could let an attacker inject malicious script into affected sites and, when that script executes in a privileged user's browser, escalate privileges. The plug-in in question, LiteSpeed Cache, is one of the most widely used caching plug-ins for the WordPress content management system (CMS), with over 6 million installations.

The vulnerability was discovered by a security researcher known as TaiYou, who reported the flaw to Patchstack through its Bug Bounty Program for WordPress. The flaw, tracked as CVE-2024-47374, affects LiteSpeed Cache up to and including version 6.5.0.2. Users are strongly urged to update to version 6.5.1 or later to protect themselves from potential attacks.

LiteSpeed Cache is described as an all-in-one site acceleration plug-in that offers server-level caching and various optimization features. It is compatible with popular WordPress plug-ins such as WooCommerce, bbPress, and Yoast SEO. The discovery of the XSS vulnerability has, however, raised concerns about the security of websites using this plug-in.

TaiYou also identified two other flaws in LiteSpeed Cache: another XSS vulnerability and a path traversal vulnerability. While these flaws are considered less dangerous than CVE-2024-47374, they still pose a risk to users. The plug-in's developers addressed all three issues in version 6.5.1.

The XSS vulnerability, CVE-2024-47374, is particularly concerning because it allows an attacker to inject script into a page served by the site. When that script executes in another user's browser it can steal sensitive data such as session tokens and perform actions with that user's privileges, which is how an XSS bug turns into privilege escalation. The root cause is a lack of input sanitization and output escaping in the plug-in's code: user-controlled data is accepted without being cleaned and is later written into HTML without being escaped, so attacker-supplied content reaches the page as live markup.
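The following is an added illustration of the bug class described above, written for this page; it is not LiteSpeed Cache's own code, and the page does not say which request field the plug-in mishandled. The header name X-Example-Vary, the option name and the hooks used are assumptions made for the example only. It shows a value taken from an unauthenticated HTTP request being stored and later rendered in an admin page, first unsafely and then with sanitization on input and escaping on output:

```php
<?php
/**
 * Added illustration, not LiteSpeed Cache's code. Models the bug class in the
 * article: a value from an unauthenticated HTTP request is stored and later
 * rendered in a WordPress admin page. The header name X-Example-Vary and the
 * option name example_vary_value are assumptions made for this example only.
 */

// ---- Vulnerable pattern: store raw input, echo it unescaped ----------------

function example_vuln_capture_header() {
    // PHP exposes request headers as $_SERVER['HTTP_<NAME>']; any client can set them.
    if ( isset( $_SERVER['HTTP_X_EXAMPLE_VARY'] ) ) {
        // No sanitization: a payload such as <script>...</script> is persisted as-is.
        update_option( 'example_vary_value', $_SERVER['HTTP_X_EXAMPLE_VARY'] );
    }
}

function example_vuln_render_setting() {
    // No escaping: the stored string becomes part of the admin page's HTML, so
    // injected script runs in the administrator's browser (stored XSS).
    echo '<p>Current vary value: ' . get_option( 'example_vary_value', '' ) . '</p>';
}

// ---- Hardened pattern: sanitize on input, escape on output -----------------

function example_safe_capture_header() {
    if ( ! isset( $_SERVER['HTTP_X_EXAMPLE_VARY'] ) ) {
        return;
    }
    // WordPress slash-escapes superglobals, so unslash first; sanitize_text_field()
    // then strips HTML tags, line breaks and other control characters.
    $value = sanitize_text_field( wp_unslash( $_SERVER['HTTP_X_EXAMPLE_VARY'] ) );

    // Defense in depth: allowlist the character set this setting actually needs
    // and reject anything else instead of trying to "fix" it.
    if ( ! preg_match( '/^[A-Za-z0-9_.-]{1,64}$/', $value ) ) {
        return;
    }
    update_option( 'example_vary_value', $value );
}

function example_safe_render_setting() {
    // esc_html() encodes <, >, &, " and ' so the stored value is rendered as inert text
    // even if something unexpected was stored earlier.
    echo '<p>Current vary value: ' . esc_html( get_option( 'example_vary_value', '' ) ) . '</p>';
}

// Only the hardened functions are hooked; the vulnerable ones are shown for contrast.
add_action( 'init', 'example_safe_capture_header' );
add_action( 'admin_notices', 'example_safe_render_setting' );
```

The two halves are independent controls: sanitizing on input stops the payload from being stored, and escaping on output stops anything that was stored (by this code path or another) from becoming markup. A fix that only does one of them leaves the other code path exposed, which is why both are applied here.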

To mitigate the risk posed by CVE-2024-47374, Patchstack recommends that all administrators of WordPress sites using LiteSpeed Cache update to the latest version immediately. The patch adds sanitization of the affected input to prevent further exploitation of the vulnerability. The installed version can be confirmed on the WordPress Plugins screen or with WP-CLI (wp plugin get litespeed-cache --field=version).

In addition to updating the plug-in, developers are advised to apply escaping and sanitization to any user-controlled content their code stores or displays, treating every value derived from an HTTP request (parameters, cookies and headers alike) as untrusted. Proper permission and authorization checks should also be implemented on REST route endpoints, so that only callers with the required capability can reach code that writes settings or renders content.
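The REST-route advice above, as an added example written for this page rather than LiteSpeed Cache's own code: the namespace example/v1, the route names and the tag parameter are assumptions made for illustration only. It contrasts an open route with one that declares a capability check in permission_callback and validates and sanitizes its argument before the handler runs:

```php
<?php
/**
 * Added illustration of authorization checks on WordPress REST routes; not
 * LiteSpeed Cache's code. The namespace example/v1, the routes /purge-open and
 * /purge and the "tag" parameter are assumptions made for this example only.
 */

// Vulnerable pattern: permission_callback always returns true, so any
// unauthenticated client can invoke the handler with arbitrary input.
function example_register_open_route() {
    register_rest_route( 'example/v1', '/purge-open', array(
        'methods'             => 'POST',
        'callback'            => 'example_purge_handler',
        'permission_callback' => '__return_true',
    ) );
}

// Hardened pattern: explicit capability check plus per-argument validation and
// sanitization, so the handler only ever sees clean, typed input from an
// authorized caller.
function example_register_secure_route() {
    register_rest_route( 'example/v1', '/purge', array(
        'methods'             => 'POST',
        'callback'            => 'example_purge_handler',
        'permission_callback' => function ( WP_REST_Request $request ) {
            // Anonymous callers and low-privilege users get a 401/403 before
            // the callback is reached.
            return current_user_can( 'manage_options' );
        },
        'args' => array(
            'tag' => array(
                'required'          => true,
                'type'              => 'string',
                // Allowlist: cache tags are short alphanumerics. Anything else is
                // rejected with a 400 rest_invalid_param error.
                'validate_callback' => function ( $value ) {
                    return is_string( $value )
                        && preg_match( '/^[A-Za-z0-9_.-]{1,64}$/', $value ) === 1;
                },
                'sanitize_callback' => 'sanitize_text_field',
            ),
        ),
    ) );
}

function example_purge_handler( WP_REST_Request $request ) {
    // By the time this runs, "tag" has passed validate_callback and sanitize_callback.
    $tag = $request->get_param( 'tag' );

    // Whatever this tag is later used for (a cache purge here), it is echoed back
    // via the JSON response, which WordPress encodes safely; never interpolate it
    // into HTML without esc_html().
    return rest_ensure_response( array( 'purged' => $tag ) );
}

// Only the hardened route is registered; the open one is shown for contrast.
add_action( 'rest_api_init', 'example_register_secure_route' );
```

Two details matter when testing this: WordPress only establishes a logged-in user for a REST request that carries a valid nonce (the X-WP-Nonce header created with wp_create_nonce('wp_rest')), so a browser session without it is treated as anonymous and correctly denied; and since WordPress 5.5, omitting permission_callback entirely triggers a _doing_it_wrong notice, which is a useful signal to grep for in plug-in code reviews.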

Given the widespread use of WordPress and its plug-ins, especially those with large install bases like LiteSpeed Cache, it is crucial for website owners to stay vigilant and proactive in maintaining the security of their websites. By following best practices for web security and promptly updating vulnerable software, users can reduce the risk of falling victim to cyberattacks.
