A vulnerability in the LiteSpeed Cache plugin for WordPress, which has over 6 million active installations, has been found to allow unauthenticated visitors to gain administrator-level access by exploiting a security flaw in the plugin's role simulation feature. This flaw permitted unauthorized access that could lead to the installation of malicious plugins.
The LiteSpeed Cache plugin is widely used for website optimization and supports popular WordPress plugins such as WooCommerce, bbPress and Yoast SEO.
Vulnerability Details and Exploitation Risks
According to the Patchstack team, the identified vulnerability exploits weak security hash checks that could be reproduced under certain configurations set by an administrator, including high run duration settings and load limits in the plugin's Crawler feature.
The vulnerability, tracked as CVE-2024-50550, has raised concerns because of the ease with which the hashes can be brute-forced, thereby bypassing key security checks.
Key conditions for reproducing this vulnerability include:
Enabling the Crawler feature and setting a run duration between 2500 and 4000 seconds
Setting the server load limit to 0
Activating role simulation for users with administrator privileges
Steps to Mitigate the Security Flaw
In response to the vulnerability, the LiteSpeed development team has removed the role simulation feature and strengthened hash generation to prevent unauthorized access attempts.
They also confirmed to Patchstack that they plan to further improve security by incorporating more robust random value generators in future updates, aiming to provide better protection against brute-force attacks.
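To make the two lessons above concrete (hashes and nonces must come from a large keyspace and a CSPRNG, and a role simulation feature must still check the caller's own authorization), here is an added Python illustration; it is not LiteSpeed Cache code, and the capability name and role names are assumptions chosen for the example.

```python
import hmac
import math
import secrets
import string

# Constructed example (not from the LiteSpeed Cache plugin): contrasts a short
# token with a CSPRNG token of full length, and guards a role-simulation call.

ALPHABET = string.ascii_letters + string.digits  # 62 symbols


def keyspace_bits(alphabet_size: int, length: int) -> float:
    """Entropy in bits of a token drawn uniformly from alphabet_size ** length."""
    return length * math.log2(alphabet_size)


def short_token(length: int = 6) -> str:
    """A 6-character token: even from a CSPRNG, ~36 bits is enumerable by a script."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def strong_token(nbytes: int = 32) -> str:
    """256 bits from the OS CSPRNG; brute force is infeasible."""
    return secrets.token_urlsafe(nbytes)


def verify_token(presented: str, expected: str) -> bool:
    """Constant-time comparison so the check does not leak via timing."""
    return hmac.compare_digest(presented.encode(), expected.encode())


def simulate_role(caller_caps: set, requested_role: str,
                  token: str, expected_token: str) -> bool:
    """Allow role simulation only for a caller who is already privileged.

    The token alone is never authorization: the caller must hold an assumed
    capability ('manage_options', used here as an illustrative name) AND
    present a valid token, and only listed roles may be simulated.
    """
    if "manage_options" not in caller_caps:
        return False
    if not verify_token(token, expected_token):
        return False
    return requested_role in {"administrator", "editor"}


if __name__ == "__main__":
    print(f"6-char alnum keyspace: {keyspace_bits(62, 6):.1f} bits")
    print(f"32-byte token keyspace: {keyspace_bits(256, 32):.0f} bits")
```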
Patchstack advised LiteSpeed Cache users to update to version 6.5.2 or higher to mitigate this issue.
“This vulnerability highlights the critical importance of ensuring the strength and unpredictability of values that are used as security hashes or nonces,” the firm said. “Any feature regarding role simulation or other user simulation should also be protected with proper access control.”
Additionally, administrators should review plugin settings to ensure that configurations such as the Crawler run duration and load limits are optimized for security.