Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
litespeedtech litespeed cache vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-24964
The LiteSpeed Cache WordPress plugin prior to 4.4.4 does not properly verify that requests are coming from QUIC.cloud servers, allowing malicious users to make requests to certain endpoints by using a specific X-Forwarded-For header value. In addition, one of the endpoint could b...
Litespeedtech Litespeed Cache
5.4
CVSSv3
CVE-2023-4372
The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'esi' shortcode in versions up to, and including, 5.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authent...
Litespeedtech Litespeed Cache
8.8
CVSSv3
CVE-2022-46800
Cross-Site Request Forgery (CSRF) vulnerability in LiteSpeed Technologies LiteSpeed Cache plugin <= 5.3 versions.
Litespeedtech Litespeed Cache
6.1
CVSSv3
CVE-2020-29172
A cross-site scripting (XSS) vulnerability in the LiteSpeed Cache plugin prior to 3.6.1 for WordPress can be exploited via the Server IP setting.
Litespeedtech Litespeed Cache
4.8
CVSSv3
CVE-2021-24963
The LiteSpeed Cache WordPress plugin prior to 4.4.4 does not escape the qc_res parameter before outputting it back in the JS code of an admin page, leading to a Reflected Cross-Site Scripting
Litespeedtech Litespeed Cache
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started