Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
litespeedtech litespeed cache vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-4372
The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'esi' shortcode in versions up to, and including, 5.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authent...
Litespeedtech Litespeed Cache
4.3
CVSSv2
CVE-2020-29172
A cross-site scripting (XSS) vulnerability in the LiteSpeed Cache plugin prior to 3.6.1 for WordPress can be exploited via the Server IP setting.
Litespeedtech Litespeed Cache
NA
CVE-2022-46800
Cross-Site Request Forgery (CSRF) vulnerability in LiteSpeed Technologies LiteSpeed Cache plugin <= 5.3 versions.
Litespeedtech Litespeed Cache
3.5
CVSSv2
CVE-2021-24963
The LiteSpeed Cache WordPress plugin prior to 4.4.4 does not escape the qc_res parameter before outputting it back in the JS code of an admin page, leading to a Reflected Cross-Site Scripting
Litespeedtech Litespeed Cache
2.6
CVSSv2
CVE-2021-24964
The LiteSpeed Cache WordPress plugin prior to 4.4.4 does not properly verify that requests are coming from QUIC.cloud servers, allowing malicious users to make requests to certain endpoints by using a specific X-Forwarded-For header value. In addition, one of the endpoint could b...
Litespeedtech Litespeed Cache
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started