WordPress is a set of blogging platform developed using the PHP language. A cross-site scripting vulnerability exists in versions of the WordPress plugin LiteSpeed Cache prior to 4.4.4. The vulnerability stems from the program not filtering and escaping the qc_res parameter. An attacker could use this vulnerability to steal cookie-based authentication credentials.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress litespeed cache | lt | 4.4.4 |