6.1

CVE-2021-24964

Exploit

LiteSpeed Cache < 4.4.4 - IP Check Bypass to Unauthenticated Stored XSS

LiteSpeed Cache <= 4.4.3 - Authorization Bypass

The LiteSpeed Cache WordPress plugin before 4.4.4 does not properly verify that requests are coming from QUIC.cloud servers, allowing attackers to make requests to certain endpoints by using a specific X-Forwarded-For header value. In addition, one of the endpoint could be used to set CSS code if a setting is enabled, which will then be output in some pages without being sanitised and escaped. Combining those two issues, an unauthenticated attacker could put Cross-Site Scripting payloads in pages visited by users.
Mögliche Gegenmaßnahme
LiteSpeed Cache: Update to version 4.4.4, or a newer patched version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LitespeedtechLitespeed Cache SwPlatformwordpress Version < 4.4.4
Weitere Schwachstelleninformationen
SystemWordPress Plugin
Produkt LiteSpeed Cache
Version 1.0.15-4.4.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.22% 0.646
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.1 2.8 2.7
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvd@nist.gov 2.6 4.9 2.9
AV:N/AC:H/Au:N/C:N/I:P/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.1 2.8 2.7
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

https://wpscan.com/vulnerability/e9966b3e-2eb9-4d70-8c18-6a829b4827cc
Third Party Advisory
Exploit
https://www.wordfence.com/threat-intel/vulnerabilities/id/a82bffab-77c3-48e8-af84-39709bf0353b
Third Party Advisory