"LiteSpeed Cache Plugin Vulnerability Exposes Millions of WordPress Sites to Attacks"
According to security researchers at Patchstack, a vulnerability in the popular LiteSpeed Cache plugin for WordPress could allow attackers to retrieve user cookies and potentially take over websites. The issue, tracked as CVE-2024-44000, exists because the plugin may include the HTTP response header for set-cookie in the debug log file after a login request. The researchers noted that because the debug log file is publicly accessible, an unauthenticated attacker could access the information exposed in the file and extract any user cookies stored in it. This would allow attackers to log in to the affected websites as any user for which the session cookie has been leaked, including as administrators, which could lead to site takeover. The researchers consider the flaw "critical" and warn that it impacts any website with the debug feature enabled at least once if the debug log file has not been purged. The researchers noted that the plugin also has a Log Cookies setting that could also leak users' login cookies if enabled. The vulnerability is only triggered if the debug feature is enabled. By default, however, debugging is disabled. CVE-2024-44000 was resolved on September 4 with the release of LiteSpeed Cache version 6.5.0.1, but millions of websites might still be affected.