Lucene search
+L

61 matches found

RedhatCVE
RedhatCVE
added 2025/02/04 10:45 p.m.9 views

CVE-2024-44000

Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a through 6.5.0.1...

9.8CVSS7.4AI score0.83178EPSS
Exploits7References1
NVD
NVD
added 2024/10/29 10:15 a.m.32 views

CVE-2024-50550

Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from n/a through = 6.5.1...

9.8CVSS0.00913EPSS
Exploits0References1
CVE
CVE
added 2024/10/29 9:57 a.m.183 views

CVE-2024-50550

The CVE-2024-50550 entry concerns the WordPress LiteSpeed Cache plugin (versions through 6.5.1) with an Incorrect Privilege Assignment vulnerability that enables privilege escalation. Reports attribute the root cause to weak hash verification in the crawler/role-simulation logic (is_role_simulati...

9.8CVSS7.4AI score0.00913EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/29 9:57 a.m.26 views

CVE-2024-50550 WordPress LiteSpeed Cache plugin <= 6.5.1 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from n/a through = 6.5.1...

8.1CVSS7.4AI score0.00913EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/20 11:26 a.m.58 views

CVE-2024-44000 WordPress LiteSpeed Cache plugin < 6.5.0.1 - Unauthenticated Account Takeover via Cookie Leak vulnerability

Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a through 6.5.0.1...

9.8CVSS0.83178EPSS
Exploits7References1
NVD
NVD
added 2024/10/16 2:15 p.m.35 views

CVE-2024-47637

Relative Path Traversal vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Path Traversal.This issue affects LiteSpeed Cache: from n/a through = 6.4.1...

8.8CVSS0.00634EPSS
Exploits0References1
CVE
CVE
added 2024/10/16 1:12 p.m.85 views

CVE-2024-47637

CVE-2024-47637 is a path-traversal vulnerability in LiteSpeed Cache for WordPress (LiteSpeed Cache plugin) affecting versions up to 6.4.1. The issue enables relative path traversal due to insufficient input validation, with CVSS 3.1 base score 8.8 (HIGH). A fix is available: update to 6.5.1. Unti...

8.8CVSS5.9AI score0.00634EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/10/05 4:15 p.m.23 views

CVE-2024-47374

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through = 6.5.0.2...

7.1CVSS0.0138EPSS
Exploits0References1
CVE
CVE
added 2024/10/05 3:17 p.m.121 views

CVE-2024-47373

CVE-2024-47373 is a stored Cross-Site Scripting (XSS) vulnerability in LiteSpeed Cache (WordPress plugin) affecting versions up to 6.5.0.2. The issue arises from improper neutralization of input during web page generation, enabling stored XSS. Public sources (NVD, Red Hat, Patchstack, CVE lists) ...

6.5CVSS5.9AI score0.00248EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/10/05 3:16 p.m.245 views

CVE-2024-47374

CVE-2024-47374 affects the WordPress LiteSpeed Cache plugin up to version 6.5.0.2. The vulnerability is a stored XSS caused by improper input neutralization during web page generation, enabling attackers to execute malicious scripts in victims’ browsers. Impact can include session hijacking or pa...

7.1CVSS6AI score0.0138EPSS
In wildExploits0References1Affected Software1
NVD
NVD
added 2024/08/21 2:15 p.m.44 views

CVE-2024-28000

Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache.This issue affects LiteSpeed Cache: from n/a through = 6.3.0.1...

9.8CVSS0.68266EPSS
Exploits8References4
CVE
CVE
added 2024/08/21 1:53 p.m.250 views

CVE-2024-28000

CVE-2024-28000 affects WordPress LiteSpeed Cache (LiteSpeed Cache plugin) versions from 1.9 through 6.3.0.1. The issue is an Incorrect Privilege Assignment that allows unauthenticated escalation to administrator, enabling full site control. Mitigation: update to plugin version 6.4.0+ (or a patche...

9.8CVSS6AI score0.68266EPSS
Exploits8References4Affected Software1
NVD
NVD
added 2024/04/16 6:15 p.m.56 views

CVE-2023-40000

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through 5.7...

8.3CVSS8.2AI score0.54872EPSS
Exploits5References2
NVD
NVD
added 2024/04/16 6:15 p.m.21 views

CVE-2023-45000

Missing Authorization vulnerability in LiteSpeed Technologies LiteSpeed Cache.This issue affects LiteSpeed Cache: from n/a through 5.7...

8.2CVSS8.3AI score0.00413EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/16 5:51 p.m.28 views

CVE-2023-45000 WordPress LiteSpeed Cache plugin <= 5.7 - Unauthenticated Broken Access Control on API vulnerability

Missing Authorization vulnerability in LiteSpeed Technologies LiteSpeed Cache.This issue affects LiteSpeed Cache: from n/a through 5.7...

8.2CVSS8.4AI score0.00413EPSS
Exploits0References1
NVD
NVD
added 2023/05/25 9:15 a.m.11 views

CVE-2022-46800

Cross-Site Request Forgery CSRF vulnerability in LiteSpeed Technologies LiteSpeed Cache plugin = 5.3 versions...

8.8CVSS6.5AI score0.00264EPSS
Exploits0References1
Prion
Prion
added 2023/05/25 9:15 a.m.23 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in LiteSpeed Technologies LiteSpeed Cache plugin = 5.3 versions...

6.8CVSS8.7AI score0.00264EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/05/25 8:53 a.m.24 views

CVE-2022-46800 WordPress LiteSpeed Cache Plugin <= 5.3 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in LiteSpeed Technologies LiteSpeed Cache plugin = 5.3 versions...

5.4CVSS9.1AI score0.00264EPSS
Exploits0References1
NVD
NVD
added 2022/10/27 8:15 p.m.19 views

CVE-2022-0073

Improper Input Validation vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Command Injection. This affects 1.7.0 versions before 1.7.16.1...

8.8CVSS0.08663EPSS
Exploits1References2
NVD
NVD
added 2022/10/27 8:15 p.m.35 views

CVE-2022-0072

Directory Traversal vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Path Traversal. This affects versions from 1.5.11 through 1.5.12, from 1.6.5 through 1.6.20.1, from 1.7.0 before 1.7.16.1...

5.8CVSS0.00971EPSS
Exploits1References2
Rows per page
Query Builder