The Vulnerability:
The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘esi’ shortcode in versions up to, and including, 5.6.
Makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
The Discover:
István Márton, wordfence security researcher.
The Solution:
Update LiteSpeed Cache patched the vulnerability in version 5.7, released to WordPress.org on October 10.
The References:
Make the switch to great hosting today!
Enjoy a risk-free trial with our 30-day money-back guarantee!
Hand-picked related articles
ServerFreak is ISO 27001:2022 certified
Here are 5 great reasons to cheer Firstly, let us tell you about the cert. ISO 27001:2022 is the world’s…
How to Ensure 99.9% Uptime for Your Website
99.9% uptime is crucial to keep your website steady and accessible. Here are ways to achieve this: Choose VPS or…
Shared Hosting Or VPS Hosting For Your Business
Performance, cost, control, and scalability are some of the important differences that exist between shared hosting and VPS hosting. Both options have different advantages depending on your business needs, budget, and growth plans.SHARED HOSTING: THE BASICS With shared hosting, your website shares the same server as many other…
10 Ways To Get Income Using Website
Did you know that websites can actually generate some sort of income for you? The good news is, with a…