Critical Exploit in WordPress Plugin Exposes 6 Million Sites to Attack with a Single HTTP Request
Posted: Sat Feb 15, 2025 3:32 pm
A severe vulnerability has been discovered in the popular LiteSpeed Cache plugin, which has been installed over 6 million times on WordPress websites. The flaw, a cross-site scripting (XSS) vulnerability, could allow attackers to escalate privileges and inject malicious code, potentially leading to unauthorized redirects, unwanted ads, and other harmful payloads.
https://threatinsights.org/blog/critica ... p-request/
https://threatinsights.org/blog/critica ... p-request/