Act Fast: Critical LiteSpeed Vulnerability


If your WordPress site uses the LiteSpeed Cache plugin, you must take action regarding a new critical security flaw (CVE-2024-28000) that could put your site at risk. This vulnerability allows unauthorized users to gain admin access, potentially leading to a complete takeover: hackers could take full control of your website. A pretty serious concern!

The team at WHC moved quickly to safeguard our clients by applying extra protection specific to this vulnerability across all Web Hosting, Managed WordPress, and Reseller Hosting services. This patch is a temporary protection.

To keep your website secure, action is needed on your part. You must update your LiteSpeed Cache plugin to version 6.4 or higher from your WordPress admin dashboard to ensure proper security and feature usability. Here’s exactly what all this means:

Who is affected?

This vulnerability impacts all WordPress sites running the LiteSpeed Cache plugin at version 6.3.0.1 or earlier. As one of the most widely used plugins, with over five million active installations, it's critical that site owners upgrade to the latest version (6.4) as soon as possible. If your site has not been updated, it remains vulnerable to potential attacks. This issue primarily affects Linux-based servers, meaning Windows-based WordPress sites are not exposed to this particular risk.

What’s the vulnerability?

CVE-2024-28000 stems from a weak security hash in the plugin’s user simulation feature. This flaw allows attackers to exploit the system, spoof user IDs, and gain admin-level access. Once they have admin privileges, they can install malicious plugins, take over your site, and disrupt its operation.

Hackers can use a brute-force method to guess the hash value, which has only one million possible combinations due to the plugin's reliance on an insecure random number generator. Once a valid hash is discovered, attackers can use it to create new admin accounts via the WordPress REST API, giving them full control of your site.
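The guessing pattern described above leaves a recognizable trace in web server logs: one client presenting many different hash values in quick succession, followed by a successful user creation through the REST API. The detection script below is an added example, not WHC's or LiteSpeed's code; the cookie names `litespeed_hash` and `litespeed_role` come from the public analysis of this bug rather than from this article, the log lines are constructed, and the log format assumes the request's Cookie header has been appended as a final quoted field.

```python
import re
from collections import defaultdict

# Apache combined-style line with the Cookie header appended as a final quoted
# field (not part of the default format; assumed for this example).
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<cookies>[^"]*)"$'
)
HASH_RE = re.compile(r'(?:^|;\s*)litespeed_hash=([A-Za-z0-9]+)')
USERS_ENDPOINT = "/wp-json/wp/v2/users"  # REST route used to create accounts

# Constructed sample traffic (not real logs): one client cycling through hash
# values until a POST to the users endpoint succeeds, plus one benign request.
SAMPLE_LOG = """\
203.0.113.10 - - [21/Aug/2024:10:00:01 +0000] "POST /wp-json/wp/v2/users HTTP/1.1" 401 55 "litespeed_role=1; litespeed_hash=a1b2c3"
203.0.113.10 - - [21/Aug/2024:10:00:01 +0000] "POST /wp-json/wp/v2/users HTTP/1.1" 401 55 "litespeed_role=1; litespeed_hash=a1b2c4"
203.0.113.10 - - [21/Aug/2024:10:00:02 +0000] "POST /wp-json/wp/v2/users HTTP/1.1" 401 55 "litespeed_role=1; litespeed_hash=a1b2c5"
203.0.113.10 - - [21/Aug/2024:10:00:02 +0000] "POST /wp-json/wp/v2/users HTTP/1.1" 201 310 "litespeed_role=1; litespeed_hash=a1b2c6"
198.51.100.7 - - [21/Aug/2024:10:00:05 +0000] "GET /wp-admin/ HTTP/1.1" 200 1234 "litespeed_hash=zz9yy8"
"""

def parse_line(line):
    """Return the fields of one access-log line, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None

def find_hash_guessing(log_text, threshold=3):
    """Flag client IPs that present `threshold` or more distinct litespeed_hash
    values (hash guessing), and any IP whose REST user creation succeeded while
    such a cookie was present. Returns {ip: {"distinct_hashes", "user_created"}}."""
    hashes = defaultdict(set)
    created = defaultdict(bool)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # skip lines that do not match the assumed format
        m = HASH_RE.search(rec["cookies"])
        if not m:
            continue  # no simulation cookie on this request
        hashes[rec["ip"]].add(m.group(1))
        if rec["method"] == "POST" and rec["path"].startswith(USERS_ENDPOINT) \
                and rec["status"] == "201":
            created[rec["ip"]] = True
    return {ip: {"distinct_hashes": len(seen), "user_created": created[ip]}
            for ip, seen in hashes.items() if len(seen) >= threshold or created[ip]}

if __name__ == "__main__":
    for ip, info in find_hash_guessing(SAMPLE_LOG).items():
        print(f"suspicious client {ip}: {info}")
```

On a real server, feed it the relevant access log and treat any flagged IP with `user_created` set as a likely compromise to be investigated, not just blocked.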

What WHC has done

  1. Deployed virtual protection for Web Hosting: The team deployed a protection rule specific to this vulnerability on all Web Hosting, Managed WordPress, and Reseller Hosting services until users update the LiteSpeed Cache plugin.
  2. Prompted users to update plugins: Although we’ve added a layer of protection, it's still crucial for you to manually update the plugin to the latest version of LiteSpeed Cache (6.4) through your WordPress admin interface.
  3. Support for Cloud and Dedicated Server Clients: For those on Cloud or Dedicated servers running LiteSpeed Cache, please follow the official instructions on LiteSpeed’s website for patching or contact our team. We’re ready to assist if needed.
  4. Continuous Monitoring: Our cybersecurity team is keeping a close eye on any threats and will continue to take action if necessary.

Stay informed and secure

Security vulnerabilities like CVE-2024-28000 highlight the importance of staying vigilant and regularly updating your website's software. WHC is committed to keeping your site protected and providing ongoing support to ensure your online presence is safe.

If you haven’t already, please update your LiteSpeed Cache plugin to the latest version as soon as possible. If you’re unsure whether your site is secure or need assistance, don’t hesitate to contact us. Our team is here to help, 24/7.

Thank you for your trust in us.

About the author: Marie-Eve Petit

Marie-Eve is WHC’s Marketing Manager and a true word nerd. She loves keeping busy creating content, writing blogs or conversion copy. She also spends way too much time on Twitter and enjoys meditating with a Spritz in hand.
