Litespeed unauthorized account takeover - #CVE-2024-44000
A critical vulnerability (CVE-2024-44000) in the LiteSpeed Cache plugin for WordPress, affecting versions up to 6.4.1, has exposed millions of websites to potential account takeovers. The flaw, rated CVSS 7.5, lets unauthenticated attackers read user cookies from a publicly exposed debug log file and then reuse those cookies to impersonate any user, including administrators. LiteSpeed Technologies addressed the issue in version 6.5.0.1 by relocating the log file, randomizing its name, and removing sensitive data from the logs. Even so, the exposure is significant: the vulnerability affects over six million websites. Security researchers have developed proof-of-concept tools to demonstrate the exploit's severity, underscoring the need for proper debug log management and prompt plugin updates. Site administrators are advised to delete existing debug logs, add .htaccess rules that block direct access to log files, and update their sites to the latest version.
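The three mitigations above (remove existing logs, block direct HTTP access to log files, verify) as an added POSIX shell example; this is not part of the original report or of LiteSpeed's own code. It assumes the debug log lives somewhere under the directory passed in (e.g. the site's wp-content) and that the web server honours Apache 2.4 `Require` syntax in .htaccess:

```shell
#!/bin/sh
# Added example: harden a WordPress content directory against publicly
# readable debug logs. Assumes Apache/LiteSpeed-style .htaccess handling.
set -eu

# Delete every *.log file under the given directory tree and print how
# many were removed, so the operator can confirm something was cleaned up.
purge_debug_logs() {
    dir="$1"
    count=$(find "$dir" -type f -name '*.log' | wc -l | tr -d ' ')
    find "$dir" -type f -name '*.log' -exec rm -f {} +
    echo "$count"
}

# Append a rule denying direct access to any *.log file. The marker comment
# makes the function idempotent: running it twice adds the rule only once.
deny_log_access() {
    dir="$1"
    ht="$dir/.htaccess"
    if [ -f "$ht" ] && grep -q 'block-log-files' "$ht"; then
        return 0
    fi
    cat >> "$ht" <<'EOF'
# block-log-files: deny direct HTTP access to log files
<FilesMatch "\.log$">
    Require all denied
</FilesMatch>
EOF
}

# Return 0 only if no *.log file remains and the deny rule is in place.
check_hardened() {
    dir="$1"
    [ -z "$(find "$dir" -type f -name '*.log')" ] || return 1
    grep -q 'Require all denied' "$dir/.htaccess" 2>/dev/null || return 1
    return 0
}
```

Run `purge_debug_logs`, then `deny_log_access`, then `check_hardened` against the content directory; the check fails until both earlier steps have been applied.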