Detections
Analytics
WordPress Plugin 'LiteSpeed Cache' < 6.5.0.1. Unauthenticated Account Takeover
critical Nessus Plugin ID 206971
Language:
Synopsis
The remote WordPress application has a plugin installed that is affected by an unauthenticated account takeover vulnerability.Description
The WordPress application running on the remote host has a version of the 'LiteSpeed Cache' plugin that is prior to 6.5.0.1. It is, therefore, affected by an unauthenticated account takeover vulnerability. The plugin suffers from an unauthenticated account takeover vulnerability which allows any unauthenticated visitor to gain authentication access to any logged-in users and at worst can gain access to an Administrator level role after which malicious plugins could be uploaded and installed.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the 'LiteSpeed Cache' plugin to version 6.5.0.1 or later through the administrative dashboard.See Also
https://wordpress.org/plugins/litespeed-cache/
Plugin Details
Severity: Critical
ID: 206971
File Name: wordpress_plugin_litespeed_cache_CVE-2024-44000.nasl
Version: 1.4
Type: remote
Family: CGI abuses
Published: 9/11/2024
Updated: 10/25/2024
Supported Sensors: Nessus
Enable CGI Scanning: true
Risk Information
VPR
Risk Factor: High
Score: 8.4
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.3
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2024-44000
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 9.1
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:litespeedtech:litespeed_cache
Required KB Items: installed_sw/WordPress, www/PHP
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 9/5/2024
Vulnerability Publication Date: 9/5/2024
Exploitable With
Metasploit (Wordpress LiteSpeed Cache plugin cookie theft)
Reference Information
CVE: CVE-2024-44000