{"id":4905,"date":"2024-08-22T12:09:07","date_gmt":"2024-08-22T10:09:07","guid":{"rendered":"https:\/\/www.lrob.fr\/?p=4905"},"modified":"2024-08-22T12:10:46","modified_gmt":"2024-08-22T10:10:46","slug":"critical-flaw-wordpress-plugin-litespeed-cache","status":"publish","type":"post","link":"https:\/\/www.lrob.fr\/en\/blog\/internet\/wordpress\/securite-wordpress\/faille-critique-plugin-wordpress-litespeed-cache\/","title":{"rendered":"Critical security flaw in the LiteSpeed Cache WordPress plugin: 5 million sites affected"},"content":{"rendered":"<p>On August 19, 2024, a critical vulnerability was identified in the LiteSpeed Cache plugin, which is installed on more than 5 million WordPress sites. The flaw lets an unauthenticated attacker impersonate an administrator and so take full control of the site.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Technical details<\/h2>\n\n\n\n<p>The flaw was <a href=\"https:\/\/www.wordfence.com\/blog\/2024\/08\/over-5000000-site-owners-affected-by-critical-privilege-escalation-vulnerability-patched-in-litespeed-cache-plugin\/\" target=\"_blank\" rel=\"noopener\">discovered by Wordfence<\/a>.<\/p>\n\n\n\n<p>It affects every version of LiteSpeed Cache up to and including 6.3.0.1. The plugin's role simulation feature, which its crawler uses to warm the cache as a given user, trusts a short security hash: a request that presents the current hash is processed as the chosen user, administrator included, with no password or session involved. Once an attacker has the hash, they can create a new administrator account through the WordPress REST API and take over the site.<\/p>\n\n\n\n<p>The hash is only six characters long, and Wordfence's analysis found that the generator behind it is seeded from the current microtime, which leaves roughly one million possible values: few enough to brute-force with unauthenticated requests. The hash is also written to the plugin's debug log when debugging is enabled, so if that log can be read from the web the attacker does not even need to guess. Keep debug logging off on production sites and make sure log files are not readable from the web.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What to do?<\/h2>\n\n\n\n<p>Don't underestimate this vulnerability: an unauthenticated administrator takeover is as severe as a plugin flaw gets, and threats of this type turn into full compromises quickly when they are not dealt with in time.<\/p>\n\n\n\n<p>The solution is simple: update LiteSpeed Cache to version 6.4.1 or higher. 
This update corrects the flaw. Check the installed version in the plugin list rather than assuming auto-updates ran, and because the bug was exploitable before you patched, also review the site's users for administrator accounts you did not create: remove any you find and change the passwords of the remaining administrators.<\/p>\n\n\n\n<p>If you use Wordfence Premium, Care or Response, a firewall rule was deployed on August 20, 2024 to protect you. Users of the free version will receive this protection from September 19, 2024. A firewall rule blocks the known exploit pattern but is not a substitute for the update.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How do you stay protected?<\/h2>\n\n\n\n<p>With the <strong>WordPress Toolkit on <a href=\"https:\/\/www.lrob.fr\/en\/web-hosting\/\">LRob hosting<\/a><\/strong>, you would have been alerted to the vulnerability automatically by e-mail, and the update could have been applied automatically \ud83d\ude0e. Backups at LRob are full and daily, with a full year of retention!<br>A good way to stay one step ahead of security threats.<\/p>","protected":false},"excerpt":{"rendered":"<p>On August 19, 2024, a critical vulnerability was identified in the LiteSpeed Cache plugin, used by more than 5 million WordPress sites. This flaw lets an unauthenticated attacker impersonate an administrator, compromising the site&rsquo;s full integrity. Technical details The flaw was discovered by Wordfence. 
It [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":4906,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[24,5,23],"tags":[],"class_list":["post-4905","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-securite-wordpress","category-blog","category-wordpress"],"_links":{"self":[{"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/posts\/4905","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/comments?post=4905"}],"version-history":[{"count":3,"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/posts\/4905\/revisions"}],"predecessor-version":[{"id":7580,"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/posts\/4905\/revisions\/7580"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/media\/4906"}],"wp:attachment":[{"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/media?parent=4905"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/categories?post=4905"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/tags?post=4905"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
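The article's advice to update to 6.4.1 or higher is only actionable if you know which version a site is actually running. As an added example, not code from lrob.fr, from the LiteSpeed plugin or from Wordfence, the Python script below reads the standard Version: header from the plugin's main file (litespeed-cache/litespeed-cache.php under wp-content/plugins) and classifies it against the two boundaries the article states: releases up to 6.3.0.1 are affected, 6.4.1 or later is recommended. The plugin header it ships with is constructed for demonstration.

```python
import re
import sys
from pathlib import Path
from typing import Optional, Tuple

# Boundaries taken from the article: releases up to 6.3.0.1 are affected,
# 6.4.1 or later is what it tells you to install.
AFFECTED_MAX = "6.3.0.1"
RECOMMENDED_MIN = "6.4.1"

# Constructed sample of the header block every WordPress plugin's main file
# carries; the version here is chosen to sit in the affected range.
SAMPLE_HEADER = """<?php
/**
 * Plugin Name: LiteSpeed Cache
 * Version: 6.3.0.1
 */
"""


def parse_version(text: str) -> Tuple[int, ...]:
    """'6.3.0.1' -> (6, 3, 0, 1); a pre-release suffix such as '-beta1' is ignored."""
    parts = re.findall(r"\d+", text.split("-", 1)[0])
    if not parts:
        raise ValueError("unparseable version: %r" % text)
    return tuple(int(p) for p in parts)


def version_le(a: str, b: str) -> bool:
    """True when a <= b; shorter versions are zero-padded so '6.4' equals '6.4.0'."""
    pa, pb = parse_version(a), parse_version(b)
    width = max(len(pa), len(pb))
    return pa + (0,) * (width - len(pa)) <= pb + (0,) * (width - len(pb))


def header_version(source: str) -> Optional[str]:
    """Pull the Version: field out of a WordPress plugin header comment."""
    m = re.search(r"^[\s*]*Version:\s*([0-9][\w.\-]*)", source, re.MULTILINE)
    return m.group(1) if m else None


def assess(version: str) -> str:
    """Classify an installed version against the article's two thresholds."""
    if version_le(version, AFFECTED_MAX):
        return "VULNERABLE"
    if not version_le(RECOMMENDED_MIN, version):
        return "UPDATE"  # past the affected range but older than the recommended release
    return "OK"


def assess_plugin_dir(wp_content: str) -> Tuple[Optional[str], str]:
    """Locate litespeed-cache.php under wp-content/plugins and assess it."""
    main_file = Path(wp_content) / "plugins" / "litespeed-cache" / "litespeed-cache.php"
    if not main_file.is_file():
        return None, "NOT_INSTALLED"
    version = header_version(main_file.read_text(encoding="utf-8", errors="replace"))
    if version is None:
        return None, "UNKNOWN"
    return version, assess(version)


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # usage: python check_lscache.py /var/www/example.com/wp-content
        print(assess_plugin_dir(sys.argv[1]))
    else:
        found = header_version(SAMPLE_HEADER)
        print(found, assess(found))
```

Run it with the path to a site's wp-content directory. VULNERABLE means the version is inside the affected range, UPDATE means it is newer than that but still below the release the article recommends, and OK means 6.4.1 or later. Reading the file on disk is deliberate: it reports what is installed, not what a dashboard or a cached plugin list claims.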
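The attack chain in the technical details ends with the attacker creating an administrator account through the WordPress REST API, so POST requests to the users collection are the cheapest thing to look for when checking whether a site was hit before it was patched. The script below is an added example, not code from the article, from LiteSpeed or from Wordfence; it assumes the Apache/nginx combined access log format, and the log lines embedded in it are constructed with documentation IP addresses, not a real capture.

```python
import re
from collections import Counter
from typing import Dict, List, Optional

# Apache/nginx "combined" log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)

# The users collection under both URL forms WordPress serves: pretty permalinks
# (/wp-json/...) and the ?rest_route= fallback used with plain permalinks.
USERS_COLLECTION = re.compile(
    r"^/wp-json/wp/v2/users/?(\?|$)|[?&]rest_route=/wp/v2/users/?(&|$)"
)

# Constructed log lines (RFC 5737 documentation addresses), not a real capture.
SAMPLE_LOG = """\
203.0.113.7 - - [19/Aug/2024:14:02:11 +0200] "GET /wp-json/wp/v2/posts?per_page=1 HTTP/1.1" 200 1312 "-" "Mozilla/5.0"
203.0.113.7 - - [19/Aug/2024:14:02:13 +0200] "POST /wp-json/wp/v2/users HTTP/1.1" 201 640 "-" "python-requests/2.31"
198.51.100.2 - - [19/Aug/2024:14:05:40 +0200] "GET /?p=12 HTTP/1.1" 200 8810 "-" "Mozilla/5.0"
203.0.113.7 - - [19/Aug/2024:14:06:02 +0200] "POST /index.php?rest_route=/wp/v2/users HTTP/1.1" 401 120 "-" "python-requests/2.31"
198.51.100.9 - - [19/Aug/2024:14:07:55 +0200] "GET /wp-json/wp/v2/users/me HTTP/1.1" 200 300 "-" "Mozilla/5.0"
198.51.100.9 - - [19/Aug/2024:14:08:01 +0200] "POST /wp-json/wp/v2/users/7 HTTP/1.1" 200 410 "-" "Mozilla/5.0"
"""


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Split one combined-format line into its fields, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_user_creations(log_text: str) -> List[Dict[str, object]]:
    """Return every POST to the users collection (the call that creates an account).

    A 201 response means WordPress actually created the user; other statuses are
    still worth a look because they show someone trying.
    """
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["method"] != "POST":
            continue
        if not USERS_COLLECTION.search(rec["path"]):
            continue  # e.g. POST /wp/v2/users/7 edits a user; it does not create one
        hits.append({
            "ip": rec["ip"],
            "time": rec["time"],
            "path": rec["path"],
            "status": int(rec["status"]),
            "created": rec["status"] == "201",
            "ua": rec["ua"],
        })
    return hits


def attempts_by_ip(hits: List[Dict[str, object]]) -> Counter:
    """Count creation attempts per source address, to spot the one doing the work."""
    return Counter(str(h["ip"]) for h in hits)


if __name__ == "__main__":
    import sys
    text = open(sys.argv[1], encoding="utf-8", errors="replace").read() if len(sys.argv) > 1 else SAMPLE_LOG
    for h in find_user_creations(text):
        flag = "CREATED" if h["created"] else "attempt"
        print("%s %s %s %s %s" % (flag, h["time"], h["ip"], h["path"], h["ua"]))
```

A hit with status 201 from an address you do not recognise is a reason to inspect the site's user list immediately; attempts that came back 401 or 403 still tell you who was probing and when. This only catches the final step of the chain: the hash guessing that precedes it looks like ordinary page requests in an access log, so an empty result is not proof that the site was untouched.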