Litespeedtech

Litespeed Cache

15 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-50550

  • EPSS 0.54%
  • Published 29.10.2024 10:15:04
  • Last modified 29.10.2024 14:34:04

Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from n/a through 6.5.1.

9.8

CVE-2024-44000

Exploit
  • EPSS 91.58%
  • Published 20.10.2024 12:15:03
  • Last modified 23.10.2024 14:16:02

Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a before 6.5.0.1.

8.8

CVE-2024-47637

  • EPSS 0.89%
  • Published 16.10.2024 14:15:06
  • Last modified 16.10.2024 16:38:14

: Relative Path Traversal vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Path Traversal.This issue affects LiteSpeed Cache: from n/a through 6.4.1.

5.4

CVE-2024-47373

  • EPSS 0.06%
  • Published 05.10.2024 16:15:03
  • Last modified 07.10.2024 17:47:48

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through 6.5.0.2.

6.1

CVE-2024-47374

  • EPSS 0.29%
  • Published 05.10.2024 16:15:03
  • Last modified 07.10.2024 17:47:48

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through 6.5.0.2.

4.8

CVE-2024-9169

  • EPSS 0.09%
  • Published 25.09.2024 09:15:03
  • Last modified 26.09.2024 13:32:02

The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin debug settings in all versions up to, and including, 6.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authent...

9.8

CVE-2024-28000

Exploit
  • EPSS 88.85%
  • Published 21.08.2024 14:15:08
  • Last modified 17.06.2025 19:15:26

Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from 1.9 through 6.3.0.1.

5.4

CVE-2024-3246

  • EPSS 0.19%
  • Published 24.07.2024 04:15:04
  • Last modified 21.11.2024 09:29:14

The LiteSpeed Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.2.0.1. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to update t...

6.1

CVE-2023-40000

Exploit
  • EPSS 80.07%
  • Published 16.04.2024 18:15:10
  • Last modified 10.06.2025 01:12:58

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through 5.7.

5.3

CVE-2023-45000

  • EPSS 0.3%
  • Published 16.04.2024 18:15:10
  • Last modified 06.03.2025 15:00:11

Missing Authorization vulnerability in LiteSpeed Technologies LiteSpeed Cache.This issue affects LiteSpeed Cache: from n/a through 5.7.