Technology

Urgent: Critical Bug in LiteSpeed Cache Plugin Exploited by Hackers

Krishn patel

Krishn patel

1 min read
Urgent: Critical Bug in LiteSpeed Cache Plugin Exploited by Hackers

Hackers have begun exploiting a critical vulnerability in the popular WordPress plugin LiteSpeed Cache, potentially giving them control of millions of websites.

The flaw, tracked as CVE-2024-28000, allows attackers to escalate their privileges without requiring any authentication. This means anyone can potentially gain administrative access to a website running a vulnerable version of LiteSpeed Cache. The vulnerability exists in all versions up to and including 6.3.0.1.

The issue stems from a weakness in the plugin's user simulation feature. Hackers can exploit this weakness by brute-forcing a hash value, which allows them to create rogue administrator accounts. Once they have this access, they can potentially take complete control of the website, install malicious software, alter critical settings, redirect traffic to malicious sites, and steal user data.

Security researchers at Patchstack discovered the vulnerability and published details of how to exploit it. They demonstrated that an attacker could gain full control of a website in as little as a few hours by cycling through potential hash values. This vulnerability affects a significant number of websites, as LiteSpeed Cache is used by over 5 million sites. Currently, only around 30% of those websites are running the patched version of the plugin, leaving millions exposed to attack.

Wordfence, a WordPress security firm, has reported detecting and blocking over 48,500 attacks targeting CVE-2024-28000 in the past 24 hours, highlighting the intensity of the exploitation activity.

This is not the first time that LiteSpeed Cache has been targeted by hackers. In May, attackers exploited a cross-site scripting flaw (CVE-2023-40000) to gain control of vulnerable websites.

Website owners using LiteSpeed Cache are urged to upgrade to the latest version, 6.4.1, as soon as possible. Alternatively, they should uninstall the plugin entirely. Failure to take action could result in serious consequences, including data theft, website defacement, and loss of revenue.

This situation underlines the importance of keeping all software, especially security-sensitive plugins, up to date. Regular updates are crucial for patching vulnerabilities and preventing attackers from exploiting them.

Read more