Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    73 vulnerabilities by litespeedtech

    CVE-2026-54420 (GCVE-0-2026-54420)

    Vulnerability from nvd – Published: 2026-06-14 03:23 – Updated: 2026-06-16 03:56 X_Known Exploited Vulnerability
    VLAI CISA KEVIntel
    Summary
    LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS, as exploited in the wild in May 2026.
    SSVC
    Exploitation: active Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-61 - UNIX Symbolic Link (Symlink) Following
    Assigner
    Impacted products
    Vendor Product Version
    LiteSpeed Technologies cPanel Plugin Affected: 2.3 , < 2.4.8 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-54420",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-15T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2026-06-15",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-54420"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T03:56:05.377Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-54420"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-06-15T00:00:00.000Z",
                "value": "CVE-2026-54420 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "WHM and cPanel PlugIn",
              "platforms": [
                "Linux"
              ],
              "product": "cPanel Plugin",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "lessThan": "2.4.8",
                  "status": "affected",
                  "version": "2.3",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS, as exploited in the wild in May 2026."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-61",
                  "description": "CWE-61 UNIX Symbolic Link (Symlink) Following",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-14T03:23:12.863Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.litespeedtech.com/products/litespeed-web-server/control-panel-support/cpanel"
            },
            {
              "url": "https://blog.litespeedtech.com/2026/06/01/security-update-for-litespeed-cpanel-plugin-2/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to the LiteSpeed WHM PlugIn v5.3.2.0 or higher (which includes the cPanel PlugIn v2.4.8)."
                }
              ],
              "value": "Upgrade to the LiteSpeed WHM PlugIn v5.3.2.0 or higher (which includes the cPanel PlugIn v2.4.8)."
            }
          ],
          "tags": [
            "x_known-exploited-vulnerability"
          ],
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Disable the cPanel PlugIn for LiteSpeed"
                }
              ],
              "value": "Disable the cPanel PlugIn for LiteSpeed"
            }
          ],
          "x_generator": {
            "engine": "CVE-Request-form 0.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2026-54420",
        "datePublished": "2026-06-14T03:23:12.863Z",
        "dateReserved": "2026-06-14T03:23:12.439Z",
        "dateUpdated": "2026-06-16T03:56:05.377Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3375 (GCVE-0-2026-3375)

    Vulnerability from nvd – Published: 2026-05-27 07:45 – Updated: 2026-05-27 10:28
    VLAI
    Title
    LiteSpeed Cache <= 7.7 - Unauthenticated Stored Cross-Site Scripting via QUIC.cloud CCSS/UCSS REST API Endpoints
    Summary
    The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the /wp-json/litespeed/v1/notify_ccss and /wp-json/litespeed/v1/notify_ucss REST API endpoints in all versions up to, and including, 7.7. These endpoints accept CSS content from QUIC.cloud callback notifications and store it to disk without sanitization. The stored content is later rendered inline frontend page loads without output escaping. The access control protecting these endpoints is IP-based validation that can potentially be bypassed when the WordPress site is deployed behind a reverse proxy, load balancer, or CDN with certain configurations. This makes it possible for unauthenticated attackers, under certain conditions, to inject arbitrary JavaScript into CCSS/UCSS content.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    litespeedtech LiteSpeed Cache Affected: 0 , ≤ 7.7 (semver)
    Create a notification for this product.
    Credits
    Osvaldo Noe Gonzalez Del Rio
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3375",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-27T10:15:22.902299Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-27T10:28:19.176Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "LiteSpeed Cache",
              "vendor": "litespeedtech",
              "versions": [
                {
                  "lessThanOrEqual": "7.7",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Osvaldo Noe Gonzalez Del Rio"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the /wp-json/litespeed/v1/notify_ccss and /wp-json/litespeed/v1/notify_ucss REST API endpoints in all versions up to, and including, 7.7. These endpoints accept CSS content from QUIC.cloud callback notifications and store it to disk without sanitization. The stored content is later rendered inline frontend page loads without output escaping. The access control protecting these endpoints is IP-based validation that can potentially be bypassed when the WordPress site is deployed behind a reverse proxy, load balancer, or CDN with certain configurations. This makes it possible for unauthenticated attackers, under certain conditions, to inject arbitrary JavaScript into CCSS/UCSS content."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-27T07:45:55.498Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/40fa29f5-525a-4986-91f9-0210a7594e46?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/litespeed-cache/trunk/src/rest.cls.php#L108"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/litespeed-cache/trunk/src/cloud.cls.php#L2085"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/litespeed-cache/trunk/src/css.cls.php#L401"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/litespeed-cache/trunk/src/css.cls.php#L595"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/litespeed-cache/trunk/src/optimize.cls.php#L477"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/litespeed-cache/trunk/src/router.cls.php#L732"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3473912/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-02-28T01:14:46.000Z",
              "value": "Vendor Notified"
            },
            {
              "lang": "en",
              "time": "2026-05-26T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "LiteSpeed Cache \u003c= 7.7 - Unauthenticated Stored Cross-Site Scripting via QUIC.cloud CCSS/UCSS REST API Endpoints"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2026-3375",
        "datePublished": "2026-05-27T07:45:55.498Z",
        "dateReserved": "2026-02-28T00:59:32.665Z",
        "dateUpdated": "2026-05-27T10:28:19.176Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48172 (GCVE-0-2026-48172)

    Vulnerability from nvd – Published: 2026-05-21 00:38 – Updated: 2026-05-27 03:55 X_Known Exploited Vulnerability
    VLAI CISA KEVIntel
    Summary
    LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpanel_jsonapi_func=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2>/dev/null in Bash. If you get no output, you have not been hit with exploitation of the vulnerability. If there is output, we recommend you examine the IP addresses in the list, determine if they are valid IP addresses, and if not, block them. To determine damage done, examine the system logs for use by the detected IP addresses. The issue is related to mishandling of Redis enable/disable features. The recommended minimum version is 2.4.7.
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48172",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-21T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2026-05-26",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-48172"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-27T03:55:24.811Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-48172"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-26T00:00:00.000Z",
                "value": "CVE-2026-48172 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.litespeedtech.com/products/litespeed-web-server/control-panel-support/download/",
              "defaultStatus": "unaffected",
              "packageName": "WHM Plugin/cPanel Plugin",
              "platforms": [
                "Linux"
              ],
              "product": "cPanel Plugin",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "lessThan": "2.4.7",
                  "status": "affected",
                  "version": "2.3",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "WHM Plugin/cPanel Plugin",
              "platforms": [
                "Linux"
              ],
              "product": "WHM Plugin",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "lessThan": "5.3.1.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Installation of the LiteSpeed cPanel PlugIn v2.3 or higher."
                }
              ],
              "value": "Installation of the LiteSpeed cPanel PlugIn v2.3 or higher."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE \"cpanel_jsonapi_func=redisAble\" /var/cpanel/logs /usr/local/cpanel/logs/ 2\u003e/dev/null in Bash. If you get no output, you have not been hit with exploitation of the vulnerability. If there is output, we recommend you examine the IP addresses in the list, determine if they are valid IP addresses, and if not, block them. To determine damage done, examine the system logs for use by the detected IP addresses. The issue is related to mishandling of Redis enable/disable features. The recommended minimum version is 2.4.7."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "CWE-266 Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-24T23:05:58.862Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.litespeedtech.com/products/litespeed-web-server/control-panel-support/cpanel"
            },
            {
              "url": "https://www.litespeedtech.com/products/litespeed-web-server/control-panel-support/release-log"
            },
            {
              "url": "https://blog.litespeedtech.com/2026/05/21/security-update-for-litespeed-cpanel-plugin/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Installation of LiteSpeed WHM PlugIn 5.3.1.0 and cPanel 2.4.7.\u0026nbsp; Though installation of WHM 5.2.10 and cPanel 2.4.5 and above mitigate most of the issues."
                }
              ],
              "value": "Installation of LiteSpeed WHM PlugIn 5.3.1.0 and cPanel 2.4.7.\u00a0 Though installation of WHM 5.2.10 and cPanel 2.4.5 and above mitigate most of the issues."
            }
          ],
          "tags": [
            "x_known-exploited-vulnerability"
          ],
          "x_generator": {
            "engine": "CVE-Request-form 0.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2026-48172",
        "datePublished": "2026-05-21T00:38:04.489Z",
        "dateReserved": "2026-05-21T00:38:03.845Z",
        "dateUpdated": "2026-05-27T03:55:24.811Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-31386 (GCVE-0-2026-31386)

    Vulnerability from nvd – Published: 2026-03-16 05:21 – Updated: 2026-03-16 15:29
    VLAI
    Summary
    OpenLiteSpeed and LSWS Enterprise provided by LiteSpeed Technologies contain an OS command injection vulnerability. An arbitrary OS command may be executed by an attacker with the administrative privilege.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper neutralization of special elements used in an OS command ('OS Command Injection')
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-31386",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-16T15:28:55.405089Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-16T15:29:03.838Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OpenLiteSpeed",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LSWS Enterprise",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "OpenLiteSpeed and LSWS Enterprise provided by LiteSpeed Technologies contain an OS command injection vulnerability. An arbitrary OS command may be executed by an attacker with the administrative privilege."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027)",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-16T05:21:13.948Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://openlitespeed.org/"
            },
            {
              "url": "https://www.litespeedtech.com/products/litespeed-web-server"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN22152812/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2026-31386",
        "datePublished": "2026-03-16T05:21:13.948Z",
        "dateReserved": "2026-03-09T09:07:18.132Z",
        "dateUpdated": "2026-03-16T15:29:03.838Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-12450 (GCVE-0-2025-12450)

    Vulnerability from nvd – Published: 2025-10-29 09:27 – Updated: 2026-04-08 17:10
    VLAI
    Title
    LiteSpeed Cache <= 7.5.0.1 - Reflected Cross-Site Scripting
    Summary
    The LiteSpeed Cache plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URLs in all versions up to, and including, 7.5.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    litespeedtech LiteSpeed Cache Affected: 0 , ≤ 7.5.0.1 (semver)
    Create a notification for this product.
    Credits
    Nicholas Giemsa
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-12450",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-29T13:59:23.823522Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-29T13:59:32.341Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "LiteSpeed Cache",
              "vendor": "litespeedtech",
              "versions": [
                {
                  "lessThanOrEqual": "7.5.0.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Nicholas Giemsa"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The LiteSpeed Cache plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URLs in all versions up to, and including, 7.5.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:10:46.784Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/98f71c32-9453-4598-acb5-242818508c74?source=cve"
            },
            {
              "url": "https://github.com/litespeedtech/lscache_wp/commit/3d473f44d37ec2a834162ff1d86c017e9ae67db3"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-10-28T21:00:40.000Z",
              "value": "Vendor Notified"
            },
            {
              "lang": "en",
              "time": "2025-10-28T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "LiteSpeed Cache \u003c= 7.5.0.1 - Reflected Cross-Site Scripting"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2025-12450",
        "datePublished": "2025-10-29T09:27:57.311Z",
        "dateReserved": "2025-10-28T20:45:41.236Z",
        "dateUpdated": "2026-04-08T17:10:46.784Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-54939 (GCVE-0-2025-54939)

    Vulnerability from nvd – Published: 2025-08-01 00:00 – Updated: 2025-08-20 19:55
    VLAI
    Summary
    LiteSpeed QUIC (LSQUIC) Library before 4.3.1 has an lsquic_engine_packet_in memory leak.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Impacted products
    Vendor Product Version
    litespeedtech LSQUIC Affected: 0 , < 4.3.1 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-54939",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-01T17:49:17.600012Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-01T17:49:41.258Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "LSQUIC",
              "vendor": "litespeedtech",
              "versions": [
                {
                  "lessThan": "4.3.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:litespeedtech:lsquic:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.3.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "LiteSpeed QUIC (LSQUIC) Library before 4.3.1 has an lsquic_engine_packet_in memory leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-20T19:55:50.645Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/litespeedtech/lsquic/blob/70486141724f85e97b08f510673e29f399bbae8f/CHANGELOG#L1-L3"
            },
            {
              "url": "https://github.com/litespeedtech/lsquic/commit/4cd9252e77fb4a36b572e2167a84067d603d3b23"
            },
            {
              "url": "https://www.imperva.com/blog/quic-leak-cve-2025-54939-new-high-risk-pre-handshake-remote-denial-of-service-in-lsquic-quic-implementation/"
            },
            {
              "url": "https://blog.litespeedtech.com/2025/08/18/litespeed-security-update/"
            }
          ],
          "x_generator": {
            "engine": "enrichogram 0.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-54939",
        "datePublished": "2025-08-01T00:00:00.000Z",
        "dateReserved": "2025-08-01T00:00:00.000Z",
        "dateUpdated": "2025-08-20T19:55:50.645Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-24947 (GCVE-0-2025-24947)

    Vulnerability from nvd – Published: 2025-02-20 00:00 – Updated: 2025-02-20 20:19
    VLAI
    Summary
    A hash collision vulnerability (in the hash table used to manage connections) in LSQUIC (aka LiteSpeed QUIC) before 4.2.0 allows remote attackers to cause a considerable CPU load on the server (a Hash DoS attack) by initiating connections with colliding Source Connection IDs (SCIDs). This is caused by XXH32 usage.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-407 - Inefficient Algorithmic Complexity
    Assigner
    Impacted products
    Vendor Product Version
    litespeedtech LSQUIC Affected: 0 , < 4.2.0 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24947",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-20T20:18:13.503625Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-20T20:19:05.607Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "LSQUIC",
              "vendor": "litespeedtech",
              "versions": [
                {
                  "lessThan": "4.2.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:litespeedtech:lsquic:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.2.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A hash collision vulnerability (in the hash table used to manage connections) in LSQUIC (aka LiteSpeed QUIC) before 4.2.0 allows remote attackers to cause a considerable CPU load on the server (a Hash DoS attack) by initiating connections with colliding Source Connection IDs (SCIDs). This is caused by XXH32 usage."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-407",
                  "description": "CWE-407 Inefficient Algorithmic Complexity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-20T02:40:12.338Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://xxhash.com"
            },
            {
              "url": "https://github.com/ncc-pbottine/QUIC-Hash-Dos-Advisory"
            },
            {
              "url": "https://github.com/litespeedtech/lsquic/releases/tag/v4.2.0"
            }
          ],
          "x_generator": {
            "engine": "enrichogram 0.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-24947",
        "datePublished": "2025-02-20T00:00:00.000Z",
        "dateReserved": "2025-01-29T00:00:00.000Z",
        "dateUpdated": "2025-02-20T20:19:05.607Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-50550 (GCVE-0-2024-50550)

    Vulnerability from nvd – Published: 2024-10-29 09:57 – Updated: 2026-05-11 21:29
    VLAI
    Title
    WordPress LiteSpeed Cache plugin <= 6.5.1 - Privilege Escalation vulnerability
    Summary
    Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from n/a through <= 6.5.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    References
    Impacted products
    Vendor Product Version
    LiteSpeed Technologies LiteSpeed Cache Affected: 0 , ≤ 6.5.1 (custom)
    Create a notification for this product.
    litespeed_technologies litespeed_cache Affected: 0 , ≤ 6.5.1 (custom)
        cpe:2.3:a:litespeed_technologies:litespeed_cache:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2026-04-01 16:28
    Credits
    TaiYou | Patchstack Bug Bounty Program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:litespeed_technologies:litespeed_cache:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "litespeed_cache",
                "vendor": "litespeed_technologies",
                "versions": [
                  {
                    "lessThanOrEqual": "6.5.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-50550",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-29T14:38:29.233571Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-11T21:29:32.779Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "packageName": "litespeed-cache",
              "product": "LiteSpeed Cache",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "6.5.2",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.5.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "TaiYou | Patchstack Bug Bounty Program"
            }
          ],
          "datePublic": "2026-04-01T16:28:57.442Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Privilege Escalation.\u003cp\u003eThis issue affects LiteSpeed Cache: from n/a through \u003c= 6.5.1.\u003c/p\u003e"
                }
              ],
              "value": "Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from n/a through \u003c= 6.5.1."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:10:32.059Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/Wordpress/Plugin/litespeed-cache/vulnerability/wordpress-litespeed-cache-plugin-6-5-1-privilege-escalation-vulnerability?_s_id=cve"
            }
          ],
          "title": "WordPress LiteSpeed Cache plugin \u003c= 6.5.1 - Privilege Escalation vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2024-50550",
        "datePublished": "2024-10-29T09:57:24.051Z",
        "dateReserved": "2024-10-24T07:27:56.548Z",
        "dateUpdated": "2026-05-11T21:29:32.779Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-44000 (GCVE-0-2024-44000)

    Vulnerability from nvd – Published: 2024-10-20 11:26 – Updated: 2026-04-28 16:10
    VLAI
    Title
    WordPress LiteSpeed Cache plugin < 6.5.0.1 - Unauthenticated Account Takeover via Cookie Leak vulnerability
    Summary
    Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a through < 6.5.0.1.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-522 - Insufficiently Protected Credentials
    Assigner
    References
    Impacted products
    Vendor Product Version
    LiteSpeed Technologies LiteSpeed Cache Affected: 0 , ≤ 6.5.0.1 (custom)
    Create a notification for this product.
    litespeedtech litespeed_cache Affected: 0 , < 6.5.0.1 (custom)
        cpe:2.3:a:litespeedtech:litespeed_cache:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2026-04-01 16:27
    Credits
    Rafie Muhammad | Patchstack Bug Bounty Program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:litespeedtech:litespeed_cache:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "litespeed_cache",
                "vendor": "litespeedtech",
                "versions": [
                  {
                    "lessThan": "6.5.0.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-44000",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-21T19:09:19.973432Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-21T19:11:21.875Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "packageName": "litespeed-cache",
              "product": "LiteSpeed Cache",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "6.5.0.1",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.5.0.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Rafie Muhammad | Patchstack Bug Bounty Program"
            }
          ],
          "datePublic": "2026-04-01T16:27:37.724Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Authentication Bypass.\u003cp\u003eThis issue affects LiteSpeed Cache: from n/a through \u003c 6.5.0.1.\u003c/p\u003e"
                }
              ],
              "value": "Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a through \u003c 6.5.0.1."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-522",
                  "description": "Insufficiently Protected Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:10:15.844Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/Wordpress/Plugin/litespeed-cache/vulnerability/wordpress-litespeed-cache-plugin-6-5-0-1-unauthenticated-account-takeover-vulnerability?_s_id=cve"
            }
          ],
          "title": "WordPress LiteSpeed Cache plugin \u003c 6.5.0.1 - Unauthenticated Account Takeover via Cookie Leak vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2024-44000",
        "datePublished": "2024-10-20T11:26:22.948Z",
        "dateReserved": "2024-08-18T21:57:37.333Z",
        "dateUpdated": "2026-04-28T16:10:15.844Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-47637 (GCVE-0-2024-47637)

    Vulnerability from nvd – Published: 2024-10-16 13:12 – Updated: 2026-04-28 16:10
    VLAI
    Title
    WordPress LiteSpeed Cache plugin <= 6.4.1 - Path Traversal vulnerability
    Summary
    Relative Path Traversal vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Path Traversal.This issue affects LiteSpeed Cache: from n/a through <= 6.4.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-23 - Relative Path Traversal
    Assigner
    References
    Impacted products
    Vendor Product Version
    LiteSpeed Technologies LiteSpeed Cache Affected: 0 , ≤ 6.4.1 (custom)
    Create a notification for this product.
    litespeed_technologies litespeed_cache Affected: 0 , ≤ 6.4.1 (custom)
        cpe:2.3:a:litespeed_technologies:litespeed_cache:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2026-04-01 16:27
    Credits
    TaiYou | Patchstack Bug Bounty Program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:litespeed_technologies:litespeed_cache:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "litespeed_cache",
                "vendor": "litespeed_technologies",
                "versions": [
                  {
                    "lessThanOrEqual": "6.4.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47637",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-16T13:41:42.740083Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-16T13:43:35.504Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "packageName": "litespeed-cache",
              "product": "LiteSpeed Cache",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "6.5.1",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "TaiYou | Patchstack Bug Bounty Program"
            }
          ],
          "datePublic": "2026-04-01T16:27:55.673Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Relative Path Traversal vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Path Traversal.\u003cp\u003eThis issue affects LiteSpeed Cache: from n/a through \u003c= 6.4.1.\u003c/p\u003e"
                }
              ],
              "value": "Relative Path Traversal vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Path Traversal.This issue affects LiteSpeed Cache: from n/a through \u003c= 6.4.1."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-126",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Path Traversal"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "Relative Path Traversal",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:10:20.743Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/Wordpress/Plugin/litespeed-cache/vulnerability/wordpress-litespeed-cache-plugin-6-4-1-path-traversal-vulnerability?_s_id=cve"
            }
          ],
          "title": "WordPress LiteSpeed Cache plugin \u003c= 6.4.1 - Path Traversal vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2024-47637",
        "datePublished": "2024-10-16T13:12:53.310Z",
        "dateReserved": "2024-09-30T11:16:50.532Z",
        "dateUpdated": "2026-04-28T16:10:20.743Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-47374 (GCVE-0-2024-47374)

    Vulnerability from nvd – Published: 2024-10-05 15:16 – Updated: 2026-04-28 16:10
    VLAI
    Title
    WordPress LiteSpeed Cache plugin <= 6.5.0.2 - Cross Site Scripting (XSS) vulnerability
    Summary
    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through <= 6.5.0.2.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    LiteSpeed Technologies LiteSpeed Cache Affected: 0 , ≤ 6.5.0.2 (custom)
    Create a notification for this product.
    Date Public
    2026-04-01 16:28
    Credits
    TaiYou | Patchstack Bug Bounty Program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47374",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-07T13:15:39.033953Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-07T13:15:53.095Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "packageName": "litespeed-cache",
              "product": "LiteSpeed Cache",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "6.5.1",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.5.0.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "TaiYou | Patchstack Bug Bounty Program"
            }
          ],
          "datePublic": "2026-04-01T16:28:01.443Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Stored XSS.\u003cp\u003eThis issue affects LiteSpeed Cache: from n/a through \u003c= 6.5.0.2.\u003c/p\u003e"
                }
              ],
              "value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through \u003c= 6.5.0.2."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-592",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Stored XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:10:20.025Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/Wordpress/Plugin/litespeed-cache/vulnerability/wordpress-litespeed-cache-plugin-6-5-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve"
            }
          ],
          "title": "WordPress LiteSpeed Cache plugin \u003c= 6.5.0.2 - Cross Site Scripting (XSS) vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2024-47374",
        "datePublished": "2024-10-05T15:16:09.263Z",
        "dateReserved": "2024-09-24T13:01:41.751Z",
        "dateUpdated": "2026-04-28T16:10:20.025Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-47373 (GCVE-0-2024-47373)

    Vulnerability from nvd – Published: 2024-10-05 15:17 – Updated: 2026-04-28 16:10
    VLAI
    Title
    WordPress LiteSpeed Cache plugin <= 6.5.0.2 - Cross Site Scripting (XSS) vulnerability
    Summary
    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through <= 6.5.0.2.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    LiteSpeed Technologies LiteSpeed Cache Affected: 0 , ≤ 6.5.0.2 (custom)
    Create a notification for this product.
    Date Public
    2026-04-01 16:30
    Credits
    TaiYou | Patchstack Bug Bounty Program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47373",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-07T13:15:23.157378Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-07T13:15:38.107Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "packageName": "litespeed-cache",
              "product": "LiteSpeed Cache",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "6.5.1",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.5.0.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "TaiYou | Patchstack Bug Bounty Program"
            }
          ],
          "datePublic": "2026-04-01T16:30:24.452Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Stored XSS.\u003cp\u003eThis issue affects LiteSpeed Cache: from n/a through \u003c= 6.5.0.2.\u003c/p\u003e"
                }
              ],
              "value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through \u003c= 6.5.0.2."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-592",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Stored XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:10:19.957Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/Wordpress/Plugin/litespeed-cache/vulnerability/wordpress-litespeed-cache-plugin-6-5-0-2-cross-site-scripting-xss-vulnerability-2?_s_id=cve"
            }
          ],
          "title": "WordPress LiteSpeed Cache plugin \u003c= 6.5.0.2 - Cross Site Scripting (XSS) vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2024-47373",
        "datePublished": "2024-10-05T15:17:28.989Z",
        "dateReserved": "2024-09-24T13:01:41.750Z",
        "dateUpdated": "2026-04-28T16:10:19.957Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-9169 (GCVE-0-2024-9169)

    Vulnerability from nvd – Published: 2024-09-25 08:31 – Updated: 2026-04-08 16:33
    VLAI
    Title
    litespeed cache <= 6.4.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
    Summary
    The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin debug settings in all versions up to, and including, 6.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    litespeedtech LiteSpeed Cache Affected: 0 , ≤ 6.4.1 (semver)
    Create a notification for this product.
    Credits
    Islam Rafei
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-9169",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-25T13:10:07.026970Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-25T13:21:38.198Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "LiteSpeed Cache",
              "vendor": "litespeedtech",
              "versions": [
                {
                  "lessThanOrEqual": "6.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Islam Rafei"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin debug settings in all versions up to, and including, 6.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:33:20.032Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/051a987a-944a-4898-872b-0456f0f59b27?source=cve"
            },
            {
              "url": "https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-08-26T00:00:00.000Z",
              "value": "Discovered"
            },
            {
              "lang": "en",
              "time": "2025-06-05T17:22:04.000Z",
              "value": "Vendor Notified"
            },
            {
              "lang": "en",
              "time": "2024-09-24T20:10:10.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "litespeed cache \u003c= 6.4.1 - Authenticated (Administrator+) Stored Cross-Site Scripting"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-9169",
        "datePublished": "2024-09-25T08:31:05.854Z",
        "dateReserved": "2024-09-24T19:58:41.752Z",
        "dateUpdated": "2026-04-08T16:33:20.032Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-28000 (GCVE-0-2024-28000)

    Vulnerability from nvd – Published: 2024-08-21 13:53 – Updated: 2026-04-29 09:51 X_Known Exploited Vulnerability
    VLAI KEVIntel
    Title
    WordPress LiteSpeed Cache plugin <= 6.3.0.1 - Unauthenticated Privilege Escalation vulnerability
    Summary
    Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache.This issue affects LiteSpeed Cache: from n/a through <= 6.3.0.1.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    Impacted products
    Vendor Product Version
    LiteSpeed Technologies LiteSpeed Cache Affected: 0 , ≤ 6.3.0.1 (custom)
    Create a notification for this product.
    litespeedtech litespeed_cache Affected: 1.9 , ≤ 6.3.0.1 (custom)
        cpe:2.3:a:litespeedtech:litespeed_cache:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2026-04-22 14:38
    Credits
    John Blackbourn | Patchstack Bug Bounty Program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:litespeedtech:litespeed_cache:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "litespeed_cache",
                "vendor": "litespeedtech",
                "versions": [
                  {
                    "lessThanOrEqual": "6.3.0.1",
                    "status": "affected",
                    "version": "1.9",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-28000",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-21T16:45:06.468347Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-21T16:49:04.870Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-06-17T18:44:02.945Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://www.exploit-db.com/exploits/52328"
              },
              {
                "url": "https://thehackernews.com/2024/08/critical-flaw-in-wordpress-litespeed.html?m=1"
              },
              {
                "url": "https://packetstorm.news/files/id/200819/"
              }
            ],
            "title": "CVE Program Container",
            "x_generator": {
              "engine": "ADPogram 0.0.1"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "packageName": "litespeed-cache",
              "product": "LiteSpeed Cache",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "6.4",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.3.0.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "John Blackbourn | Patchstack Bug Bounty Program"
            }
          ],
          "datePublic": "2026-04-22T14:38:12.552Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache.\u003cp\u003eThis issue affects LiteSpeed Cache: from n/a through \u003c= 6.3.0.1.\u003c/p\u003e"
                }
              ],
              "value": "Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache.This issue affects LiteSpeed Cache: from n/a through \u003c= 6.3.0.1."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-29T09:51:52.680Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/Wordpress/Plugin/litespeed-cache/vulnerability/wordpress-litespeed-cache-plugin-6-3-0-1-unauthenticated-privilege-escalation-vulnerability?_s_id=cve"
            }
          ],
          "tags": [
            "x_known-exploited-vulnerability"
          ],
          "title": "WordPress LiteSpeed Cache plugin \u003c= 6.3.0.1 - Unauthenticated Privilege Escalation vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2024-28000",
        "datePublished": "2024-08-21T13:53:57.747Z",
        "dateReserved": "2024-02-29T06:17:46.687Z",
        "dateUpdated": "2026-04-29T09:51:52.680Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-3246 (GCVE-0-2024-3246)

    Vulnerability from nvd – Published: 2024-07-24 03:17 – Updated: 2026-04-08 17:03
    VLAI
    Title
    LiteSpeed Cache <= 6.2.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting
    Summary
    The LiteSpeed Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.2.0.1. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to update the token setting and inject malicious JavaScript via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-352 - Cross-Site Request Forgery (CSRF)
    Assigner
    Impacted products
    Vendor Product Version
    litespeedtech LiteSpeed Cache Affected: 0 , ≤ 6.2.0.1 (semver)
    Create a notification for this product.
    litespeedtech litespeed_cache Affected: 0 , ≤ 6.2.0.1 (semver)
        cpe:2.3:a:litespeedtech:litespeed_cache:-:*:*:*:*:wordpress:*:*
    Create a notification for this product.
    Credits
    Krzysztof Zając
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:litespeedtech:litespeed_cache:-:*:*:*:*:wordpress:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "litespeed_cache",
                "vendor": "litespeedtech",
                "versions": [
                  {
                    "lessThanOrEqual": "6.2.0.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-3246",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-29T16:56:36.705941Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-29T16:58:28.305Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T20:05:08.345Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8036bd83-9af5-4b71-8974-9b0690ea6769?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/changeset/3123399/litespeed-cache/trunk/src/cloud.cls.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "LiteSpeed Cache",
              "vendor": "litespeedtech",
              "versions": [
                {
                  "lessThanOrEqual": "6.2.0.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Krzysztof Zaj\u0105c"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The LiteSpeed Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.2.0.1. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to update the token setting and inject malicious JavaScript via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-352",
                  "description": "CWE-352 Cross-Site Request Forgery (CSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:03:31.910Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8036bd83-9af5-4b71-8974-9b0690ea6769?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3123399/litespeed-cache/trunk/src/cloud.cls.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-07-23T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "LiteSpeed Cache \u003c= 6.2.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-3246",
        "datePublished": "2024-07-24T03:17:17.104Z",
        "dateReserved": "2024-04-02T21:30:19.551Z",
        "dateUpdated": "2026-04-08T17:03:31.910Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-54420 (GCVE-0-2026-54420)

    Vulnerability from cvelistv5 – Published: 2026-06-14 03:23 – Updated: 2026-06-16 03:56 X_Known Exploited Vulnerability
    VLAI CISA KEVIntel
    Summary
    LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS, as exploited in the wild in May 2026.
    SSVC
    Exploitation: active Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-61 - UNIX Symbolic Link (Symlink) Following
    Assigner
    Impacted products
    Vendor Product Version
    LiteSpeed Technologies cPanel Plugin Affected: 2.3 , < 2.4.8 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-54420",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-15T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2026-06-15",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-54420"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T03:56:05.377Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-54420"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-06-15T00:00:00.000Z",
                "value": "CVE-2026-54420 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "WHM and cPanel PlugIn",
              "platforms": [
                "Linux"
              ],
              "product": "cPanel Plugin",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "lessThan": "2.4.8",
                  "status": "affected",
                  "version": "2.3",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS, as exploited in the wild in May 2026."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-61",
                  "description": "CWE-61 UNIX Symbolic Link (Symlink) Following",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-14T03:23:12.863Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.litespeedtech.com/products/litespeed-web-server/control-panel-support/cpanel"
            },
            {
              "url": "https://blog.litespeedtech.com/2026/06/01/security-update-for-litespeed-cpanel-plugin-2/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to the LiteSpeed WHM PlugIn v5.3.2.0 or higher (which includes the cPanel PlugIn v2.4.8)."
                }
              ],
              "value": "Upgrade to the LiteSpeed WHM PlugIn v5.3.2.0 or higher (which includes the cPanel PlugIn v2.4.8)."
            }
          ],
          "tags": [
            "x_known-exploited-vulnerability"
          ],
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Disable the cPanel PlugIn for LiteSpeed"
                }
              ],
              "value": "Disable the cPanel PlugIn for LiteSpeed"
            }
          ],
          "x_generator": {
            "engine": "CVE-Request-form 0.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2026-54420",
        "datePublished": "2026-06-14T03:23:12.863Z",
        "dateReserved": "2026-06-14T03:23:12.439Z",
        "dateUpdated": "2026-06-16T03:56:05.377Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3375 (GCVE-0-2026-3375)

    Vulnerability from cvelistv5 – Published: 2026-05-27 07:45 – Updated: 2026-05-27 10:28
    VLAI
    Title
    LiteSpeed Cache <= 7.7 - Unauthenticated Stored Cross-Site Scripting via QUIC.cloud CCSS/UCSS REST API Endpoints
    Summary
    The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the /wp-json/litespeed/v1/notify_ccss and /wp-json/litespeed/v1/notify_ucss REST API endpoints in all versions up to, and including, 7.7. These endpoints accept CSS content from QUIC.cloud callback notifications and store it to disk without sanitization. The stored content is later rendered inline frontend page loads without output escaping. The access control protecting these endpoints is IP-based validation that can potentially be bypassed when the WordPress site is deployed behind a reverse proxy, load balancer, or CDN with certain configurations. This makes it possible for unauthenticated attackers, under certain conditions, to inject arbitrary JavaScript into CCSS/UCSS content.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    litespeedtech LiteSpeed Cache Affected: 0 , ≤ 7.7 (semver)
    Create a notification for this product.
    Credits
    Osvaldo Noe Gonzalez Del Rio
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3375",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-27T10:15:22.902299Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-27T10:28:19.176Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "LiteSpeed Cache",
              "vendor": "litespeedtech",
              "versions": [
                {
                  "lessThanOrEqual": "7.7",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Osvaldo Noe Gonzalez Del Rio"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the /wp-json/litespeed/v1/notify_ccss and /wp-json/litespeed/v1/notify_ucss REST API endpoints in all versions up to, and including, 7.7. These endpoints accept CSS content from QUIC.cloud callback notifications and store it to disk without sanitization. The stored content is later rendered inline frontend page loads without output escaping. The access control protecting these endpoints is IP-based validation that can potentially be bypassed when the WordPress site is deployed behind a reverse proxy, load balancer, or CDN with certain configurations. This makes it possible for unauthenticated attackers, under certain conditions, to inject arbitrary JavaScript into CCSS/UCSS content."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-27T07:45:55.498Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/40fa29f5-525a-4986-91f9-0210a7594e46?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/litespeed-cache/trunk/src/rest.cls.php#L108"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/litespeed-cache/trunk/src/cloud.cls.php#L2085"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/litespeed-cache/trunk/src/css.cls.php#L401"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/litespeed-cache/trunk/src/css.cls.php#L595"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/litespeed-cache/trunk/src/optimize.cls.php#L477"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/litespeed-cache/trunk/src/router.cls.php#L732"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3473912/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-02-28T01:14:46.000Z",
              "value": "Vendor Notified"
            },
            {
              "lang": "en",
              "time": "2026-05-26T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "LiteSpeed Cache \u003c= 7.7 - Unauthenticated Stored Cross-Site Scripting via QUIC.cloud CCSS/UCSS REST API Endpoints"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2026-3375",
        "datePublished": "2026-05-27T07:45:55.498Z",
        "dateReserved": "2026-02-28T00:59:32.665Z",
        "dateUpdated": "2026-05-27T10:28:19.176Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48172 (GCVE-0-2026-48172)

    Vulnerability from cvelistv5 – Published: 2026-05-21 00:38 – Updated: 2026-05-27 03:55 X_Known Exploited Vulnerability
    VLAI CISA KEVIntel
    Summary
    LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpanel_jsonapi_func=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2>/dev/null in Bash. If you get no output, you have not been hit with exploitation of the vulnerability. If there is output, we recommend you examine the IP addresses in the list, determine if they are valid IP addresses, and if not, block them. To determine damage done, examine the system logs for use by the detected IP addresses. The issue is related to mishandling of Redis enable/disable features. The recommended minimum version is 2.4.7.
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48172",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-21T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2026-05-26",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-48172"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-27T03:55:24.811Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-48172"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-26T00:00:00.000Z",
                "value": "CVE-2026-48172 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.litespeedtech.com/products/litespeed-web-server/control-panel-support/download/",
              "defaultStatus": "unaffected",
              "packageName": "WHM Plugin/cPanel Plugin",
              "platforms": [
                "Linux"
              ],
              "product": "cPanel Plugin",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "lessThan": "2.4.7",
                  "status": "affected",
                  "version": "2.3",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "WHM Plugin/cPanel Plugin",
              "platforms": [
                "Linux"
              ],
              "product": "WHM Plugin",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "lessThan": "5.3.1.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Installation of the LiteSpeed cPanel PlugIn v2.3 or higher."
                }
              ],
              "value": "Installation of the LiteSpeed cPanel PlugIn v2.3 or higher."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE \"cpanel_jsonapi_func=redisAble\" /var/cpanel/logs /usr/local/cpanel/logs/ 2\u003e/dev/null in Bash. If you get no output, you have not been hit with exploitation of the vulnerability. If there is output, we recommend you examine the IP addresses in the list, determine if they are valid IP addresses, and if not, block them. To determine damage done, examine the system logs for use by the detected IP addresses. The issue is related to mishandling of Redis enable/disable features. The recommended minimum version is 2.4.7."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "CWE-266 Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-24T23:05:58.862Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.litespeedtech.com/products/litespeed-web-server/control-panel-support/cpanel"
            },
            {
              "url": "https://www.litespeedtech.com/products/litespeed-web-server/control-panel-support/release-log"
            },
            {
              "url": "https://blog.litespeedtech.com/2026/05/21/security-update-for-litespeed-cpanel-plugin/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Installation of LiteSpeed WHM PlugIn 5.3.1.0 and cPanel 2.4.7.\u0026nbsp; Though installation of WHM 5.2.10 and cPanel 2.4.5 and above mitigate most of the issues."
                }
              ],
              "value": "Installation of LiteSpeed WHM PlugIn 5.3.1.0 and cPanel 2.4.7.\u00a0 Though installation of WHM 5.2.10 and cPanel 2.4.5 and above mitigate most of the issues."
            }
          ],
          "tags": [
            "x_known-exploited-vulnerability"
          ],
          "x_generator": {
            "engine": "CVE-Request-form 0.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2026-48172",
        "datePublished": "2026-05-21T00:38:04.489Z",
        "dateReserved": "2026-05-21T00:38:03.845Z",
        "dateUpdated": "2026-05-27T03:55:24.811Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-31386 (GCVE-0-2026-31386)

    Vulnerability from cvelistv5 – Published: 2026-03-16 05:21 – Updated: 2026-03-16 15:29
    VLAI
    Summary
    OpenLiteSpeed and LSWS Enterprise provided by LiteSpeed Technologies contain an OS command injection vulnerability. An arbitrary OS command may be executed by an attacker with the administrative privilege.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper neutralization of special elements used in an OS command ('OS Command Injection')
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-31386",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-16T15:28:55.405089Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-16T15:29:03.838Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OpenLiteSpeed",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LSWS Enterprise",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "OpenLiteSpeed and LSWS Enterprise provided by LiteSpeed Technologies contain an OS command injection vulnerability. An arbitrary OS command may be executed by an attacker with the administrative privilege."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027)",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-16T05:21:13.948Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://openlitespeed.org/"
            },
            {
              "url": "https://www.litespeedtech.com/products/litespeed-web-server"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN22152812/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2026-31386",
        "datePublished": "2026-03-16T05:21:13.948Z",
        "dateReserved": "2026-03-09T09:07:18.132Z",
        "dateUpdated": "2026-03-16T15:29:03.838Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-12450 (GCVE-0-2025-12450)

    Vulnerability from cvelistv5 – Published: 2025-10-29 09:27 – Updated: 2026-04-08 17:10
    VLAI
    Title
    LiteSpeed Cache <= 7.5.0.1 - Reflected Cross-Site Scripting
    Summary
    The LiteSpeed Cache plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URLs in all versions up to, and including, 7.5.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    litespeedtech LiteSpeed Cache Affected: 0 , ≤ 7.5.0.1 (semver)
    Create a notification for this product.
    Credits
    Nicholas Giemsa
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-12450",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-29T13:59:23.823522Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-29T13:59:32.341Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "LiteSpeed Cache",
              "vendor": "litespeedtech",
              "versions": [
                {
                  "lessThanOrEqual": "7.5.0.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Nicholas Giemsa"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The LiteSpeed Cache plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URLs in all versions up to, and including, 7.5.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:10:46.784Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/98f71c32-9453-4598-acb5-242818508c74?source=cve"
            },
            {
              "url": "https://github.com/litespeedtech/lscache_wp/commit/3d473f44d37ec2a834162ff1d86c017e9ae67db3"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-10-28T21:00:40.000Z",
              "value": "Vendor Notified"
            },
            {
              "lang": "en",
              "time": "2025-10-28T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "LiteSpeed Cache \u003c= 7.5.0.1 - Reflected Cross-Site Scripting"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2025-12450",
        "datePublished": "2025-10-29T09:27:57.311Z",
        "dateReserved": "2025-10-28T20:45:41.236Z",
        "dateUpdated": "2026-04-08T17:10:46.784Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-54939 (GCVE-0-2025-54939)

    Vulnerability from cvelistv5 – Published: 2025-08-01 00:00 – Updated: 2025-08-20 19:55
    VLAI
    Summary
    LiteSpeed QUIC (LSQUIC) Library before 4.3.1 has an lsquic_engine_packet_in memory leak.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Impacted products
    Vendor Product Version
    litespeedtech LSQUIC Affected: 0 , < 4.3.1 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-54939",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-01T17:49:17.600012Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-01T17:49:41.258Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "LSQUIC",
              "vendor": "litespeedtech",
              "versions": [
                {
                  "lessThan": "4.3.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:litespeedtech:lsquic:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.3.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "LiteSpeed QUIC (LSQUIC) Library before 4.3.1 has an lsquic_engine_packet_in memory leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-20T19:55:50.645Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/litespeedtech/lsquic/blob/70486141724f85e97b08f510673e29f399bbae8f/CHANGELOG#L1-L3"
            },
            {
              "url": "https://github.com/litespeedtech/lsquic/commit/4cd9252e77fb4a36b572e2167a84067d603d3b23"
            },
            {
              "url": "https://www.imperva.com/blog/quic-leak-cve-2025-54939-new-high-risk-pre-handshake-remote-denial-of-service-in-lsquic-quic-implementation/"
            },
            {
              "url": "https://blog.litespeedtech.com/2025/08/18/litespeed-security-update/"
            }
          ],
          "x_generator": {
            "engine": "enrichogram 0.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-54939",
        "datePublished": "2025-08-01T00:00:00.000Z",
        "dateReserved": "2025-08-01T00:00:00.000Z",
        "dateUpdated": "2025-08-20T19:55:50.645Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-24947 (GCVE-0-2025-24947)

    Vulnerability from cvelistv5 – Published: 2025-02-20 00:00 – Updated: 2025-02-20 20:19
    VLAI
    Summary
    A hash collision vulnerability (in the hash table used to manage connections) in LSQUIC (aka LiteSpeed QUIC) before 4.2.0 allows remote attackers to cause a considerable CPU load on the server (a Hash DoS attack) by initiating connections with colliding Source Connection IDs (SCIDs). This is caused by XXH32 usage.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-407 - Inefficient Algorithmic Complexity
    Assigner
    Impacted products
    Vendor Product Version
    litespeedtech LSQUIC Affected: 0 , < 4.2.0 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24947",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-20T20:18:13.503625Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-20T20:19:05.607Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "LSQUIC",
              "vendor": "litespeedtech",
              "versions": [
                {
                  "lessThan": "4.2.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:litespeedtech:lsquic:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.2.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A hash collision vulnerability (in the hash table used to manage connections) in LSQUIC (aka LiteSpeed QUIC) before 4.2.0 allows remote attackers to cause a considerable CPU load on the server (a Hash DoS attack) by initiating connections with colliding Source Connection IDs (SCIDs). This is caused by XXH32 usage."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-407",
                  "description": "CWE-407 Inefficient Algorithmic Complexity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-20T02:40:12.338Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://xxhash.com"
            },
            {
              "url": "https://github.com/ncc-pbottine/QUIC-Hash-Dos-Advisory"
            },
            {
              "url": "https://github.com/litespeedtech/lsquic/releases/tag/v4.2.0"
            }
          ],
          "x_generator": {
            "engine": "enrichogram 0.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-24947",
        "datePublished": "2025-02-20T00:00:00.000Z",
        "dateReserved": "2025-01-29T00:00:00.000Z",
        "dateUpdated": "2025-02-20T20:19:05.607Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-50550 (GCVE-0-2024-50550)

    Vulnerability from cvelistv5 – Published: 2024-10-29 09:57 – Updated: 2026-05-11 21:29
    VLAI
    Title
    WordPress LiteSpeed Cache plugin <= 6.5.1 - Privilege Escalation vulnerability
    Summary
    Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from n/a through <= 6.5.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    References
    Impacted products
    Vendor Product Version
    LiteSpeed Technologies LiteSpeed Cache Affected: 0 , ≤ 6.5.1 (custom)
    Create a notification for this product.
    litespeed_technologies litespeed_cache Affected: 0 , ≤ 6.5.1 (custom)
        cpe:2.3:a:litespeed_technologies:litespeed_cache:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2026-04-01 16:28
    Credits
    TaiYou | Patchstack Bug Bounty Program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:litespeed_technologies:litespeed_cache:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "litespeed_cache",
                "vendor": "litespeed_technologies",
                "versions": [
                  {
                    "lessThanOrEqual": "6.5.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-50550",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-29T14:38:29.233571Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-11T21:29:32.779Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "packageName": "litespeed-cache",
              "product": "LiteSpeed Cache",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "6.5.2",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.5.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "TaiYou | Patchstack Bug Bounty Program"
            }
          ],
          "datePublic": "2026-04-01T16:28:57.442Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Privilege Escalation.\u003cp\u003eThis issue affects LiteSpeed Cache: from n/a through \u003c= 6.5.1.\u003c/p\u003e"
                }
              ],
              "value": "Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from n/a through \u003c= 6.5.1."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:10:32.059Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/Wordpress/Plugin/litespeed-cache/vulnerability/wordpress-litespeed-cache-plugin-6-5-1-privilege-escalation-vulnerability?_s_id=cve"
            }
          ],
          "title": "WordPress LiteSpeed Cache plugin \u003c= 6.5.1 - Privilege Escalation vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2024-50550",
        "datePublished": "2024-10-29T09:57:24.051Z",
        "dateReserved": "2024-10-24T07:27:56.548Z",
        "dateUpdated": "2026-05-11T21:29:32.779Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-44000 (GCVE-0-2024-44000)

    Vulnerability from cvelistv5 – Published: 2024-10-20 11:26 – Updated: 2026-04-28 16:10
    VLAI
    Title
    WordPress LiteSpeed Cache plugin < 6.5.0.1 - Unauthenticated Account Takeover via Cookie Leak vulnerability
    Summary
    Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a through < 6.5.0.1.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-522 - Insufficiently Protected Credentials
    Assigner
    References
    Impacted products
    Vendor Product Version
    LiteSpeed Technologies LiteSpeed Cache Affected: 0 , ≤ 6.5.0.1 (custom)
    Create a notification for this product.
    litespeedtech litespeed_cache Affected: 0 , < 6.5.0.1 (custom)
        cpe:2.3:a:litespeedtech:litespeed_cache:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2026-04-01 16:27
    Credits
    Rafie Muhammad | Patchstack Bug Bounty Program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:litespeedtech:litespeed_cache:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "litespeed_cache",
                "vendor": "litespeedtech",
                "versions": [
                  {
                    "lessThan": "6.5.0.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-44000",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-21T19:09:19.973432Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-21T19:11:21.875Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "packageName": "litespeed-cache",
              "product": "LiteSpeed Cache",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "6.5.0.1",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.5.0.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Rafie Muhammad | Patchstack Bug Bounty Program"
            }
          ],
          "datePublic": "2026-04-01T16:27:37.724Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Authentication Bypass.\u003cp\u003eThis issue affects LiteSpeed Cache: from n/a through \u003c 6.5.0.1.\u003c/p\u003e"
                }
              ],
              "value": "Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a through \u003c 6.5.0.1."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-522",
                  "description": "Insufficiently Protected Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:10:15.844Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/Wordpress/Plugin/litespeed-cache/vulnerability/wordpress-litespeed-cache-plugin-6-5-0-1-unauthenticated-account-takeover-vulnerability?_s_id=cve"
            }
          ],
          "title": "WordPress LiteSpeed Cache plugin \u003c 6.5.0.1 - Unauthenticated Account Takeover via Cookie Leak vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2024-44000",
        "datePublished": "2024-10-20T11:26:22.948Z",
        "dateReserved": "2024-08-18T21:57:37.333Z",
        "dateUpdated": "2026-04-28T16:10:15.844Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-47637 (GCVE-0-2024-47637)

    Vulnerability from cvelistv5 – Published: 2024-10-16 13:12 – Updated: 2026-04-28 16:10
    VLAI
    Title
    WordPress LiteSpeed Cache plugin <= 6.4.1 - Path Traversal vulnerability
    Summary
    Relative Path Traversal vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Path Traversal.This issue affects LiteSpeed Cache: from n/a through <= 6.4.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-23 - Relative Path Traversal
    Assigner
    References
    Impacted products
    Vendor Product Version
    LiteSpeed Technologies LiteSpeed Cache Affected: 0 , ≤ 6.4.1 (custom)
    Create a notification for this product.
    litespeed_technologies litespeed_cache Affected: 0 , ≤ 6.4.1 (custom)
        cpe:2.3:a:litespeed_technologies:litespeed_cache:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2026-04-01 16:27
    Credits
    TaiYou | Patchstack Bug Bounty Program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:litespeed_technologies:litespeed_cache:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "litespeed_cache",
                "vendor": "litespeed_technologies",
                "versions": [
                  {
                    "lessThanOrEqual": "6.4.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47637",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-16T13:41:42.740083Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-16T13:43:35.504Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "packageName": "litespeed-cache",
              "product": "LiteSpeed Cache",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "6.5.1",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "TaiYou | Patchstack Bug Bounty Program"
            }
          ],
          "datePublic": "2026-04-01T16:27:55.673Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Relative Path Traversal vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Path Traversal.\u003cp\u003eThis issue affects LiteSpeed Cache: from n/a through \u003c= 6.4.1.\u003c/p\u003e"
                }
              ],
              "value": "Relative Path Traversal vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Path Traversal.This issue affects LiteSpeed Cache: from n/a through \u003c= 6.4.1."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-126",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Path Traversal"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "Relative Path Traversal",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:10:20.743Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/Wordpress/Plugin/litespeed-cache/vulnerability/wordpress-litespeed-cache-plugin-6-4-1-path-traversal-vulnerability?_s_id=cve"
            }
          ],
          "title": "WordPress LiteSpeed Cache plugin \u003c= 6.4.1 - Path Traversal vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2024-47637",
        "datePublished": "2024-10-16T13:12:53.310Z",
        "dateReserved": "2024-09-30T11:16:50.532Z",
        "dateUpdated": "2026-04-28T16:10:20.743Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-47373 (GCVE-0-2024-47373)

    Vulnerability from cvelistv5 – Published: 2024-10-05 15:17 – Updated: 2026-04-28 16:10
    VLAI
    Title
    WordPress LiteSpeed Cache plugin <= 6.5.0.2 - Cross Site Scripting (XSS) vulnerability
    Summary
    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through <= 6.5.0.2.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    LiteSpeed Technologies LiteSpeed Cache Affected: 0 , ≤ 6.5.0.2 (custom)
    Create a notification for this product.
    Date Public
    2026-04-01 16:30
    Credits
    TaiYou | Patchstack Bug Bounty Program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47373",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-07T13:15:23.157378Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-07T13:15:38.107Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "packageName": "litespeed-cache",
              "product": "LiteSpeed Cache",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "6.5.1",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.5.0.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "TaiYou | Patchstack Bug Bounty Program"
            }
          ],
          "datePublic": "2026-04-01T16:30:24.452Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Stored XSS.\u003cp\u003eThis issue affects LiteSpeed Cache: from n/a through \u003c= 6.5.0.2.\u003c/p\u003e"
                }
              ],
              "value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through \u003c= 6.5.0.2."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-592",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Stored XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:10:19.957Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/Wordpress/Plugin/litespeed-cache/vulnerability/wordpress-litespeed-cache-plugin-6-5-0-2-cross-site-scripting-xss-vulnerability-2?_s_id=cve"
            }
          ],
          "title": "WordPress LiteSpeed Cache plugin \u003c= 6.5.0.2 - Cross Site Scripting (XSS) vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2024-47373",
        "datePublished": "2024-10-05T15:17:28.989Z",
        "dateReserved": "2024-09-24T13:01:41.750Z",
        "dateUpdated": "2026-04-28T16:10:19.957Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-47374 (GCVE-0-2024-47374)

    Vulnerability from cvelistv5 – Published: 2024-10-05 15:16 – Updated: 2026-04-28 16:10
    VLAI
    Title
    WordPress LiteSpeed Cache plugin <= 6.5.0.2 - Cross Site Scripting (XSS) vulnerability
    Summary
    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through <= 6.5.0.2.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    LiteSpeed Technologies LiteSpeed Cache Affected: 0 , ≤ 6.5.0.2 (custom)
    Create a notification for this product.
    Date Public
    2026-04-01 16:28
    Credits
    TaiYou | Patchstack Bug Bounty Program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47374",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-07T13:15:39.033953Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-07T13:15:53.095Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "packageName": "litespeed-cache",
              "product": "LiteSpeed Cache",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "6.5.1",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.5.0.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "TaiYou | Patchstack Bug Bounty Program"
            }
          ],
          "datePublic": "2026-04-01T16:28:01.443Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Stored XSS.\u003cp\u003eThis issue affects LiteSpeed Cache: from n/a through \u003c= 6.5.0.2.\u003c/p\u003e"
                }
              ],
              "value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through \u003c= 6.5.0.2."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-592",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Stored XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:10:20.025Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/Wordpress/Plugin/litespeed-cache/vulnerability/wordpress-litespeed-cache-plugin-6-5-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve"
            }
          ],
          "title": "WordPress LiteSpeed Cache plugin \u003c= 6.5.0.2 - Cross Site Scripting (XSS) vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2024-47374",
        "datePublished": "2024-10-05T15:16:09.263Z",
        "dateReserved": "2024-09-24T13:01:41.751Z",
        "dateUpdated": "2026-04-28T16:10:20.025Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-9169 (GCVE-0-2024-9169)

    Vulnerability from cvelistv5 – Published: 2024-09-25 08:31 – Updated: 2026-04-08 16:33
    VLAI
    Title
    litespeed cache <= 6.4.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
    Summary
    The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin debug settings in all versions up to, and including, 6.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    litespeedtech LiteSpeed Cache Affected: 0 , ≤ 6.4.1 (semver)
    Create a notification for this product.
    Credits
    Islam Rafei
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-9169",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-25T13:10:07.026970Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-25T13:21:38.198Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "LiteSpeed Cache",
              "vendor": "litespeedtech",
              "versions": [
                {
                  "lessThanOrEqual": "6.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Islam Rafei"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin debug settings in all versions up to, and including, 6.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:33:20.032Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/051a987a-944a-4898-872b-0456f0f59b27?source=cve"
            },
            {
              "url": "https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-08-26T00:00:00.000Z",
              "value": "Discovered"
            },
            {
              "lang": "en",
              "time": "2025-06-05T17:22:04.000Z",
              "value": "Vendor Notified"
            },
            {
              "lang": "en",
              "time": "2024-09-24T20:10:10.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "litespeed cache \u003c= 6.4.1 - Authenticated (Administrator+) Stored Cross-Site Scripting"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-9169",
        "datePublished": "2024-09-25T08:31:05.854Z",
        "dateReserved": "2024-09-24T19:58:41.752Z",
        "dateUpdated": "2026-04-08T16:33:20.032Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-28000 (GCVE-0-2024-28000)

    Vulnerability from cvelistv5 – Published: 2024-08-21 13:53 – Updated: 2026-04-29 09:51 X_Known Exploited Vulnerability
    VLAI KEVIntel
    Title
    WordPress LiteSpeed Cache plugin <= 6.3.0.1 - Unauthenticated Privilege Escalation vulnerability
    Summary
    Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache.This issue affects LiteSpeed Cache: from n/a through <= 6.3.0.1.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    Impacted products
    Vendor Product Version
    LiteSpeed Technologies LiteSpeed Cache Affected: 0 , ≤ 6.3.0.1 (custom)
    Create a notification for this product.
    litespeedtech litespeed_cache Affected: 1.9 , ≤ 6.3.0.1 (custom)
        cpe:2.3:a:litespeedtech:litespeed_cache:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2026-04-22 14:38
    Credits
    John Blackbourn | Patchstack Bug Bounty Program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:litespeedtech:litespeed_cache:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "litespeed_cache",
                "vendor": "litespeedtech",
                "versions": [
                  {
                    "lessThanOrEqual": "6.3.0.1",
                    "status": "affected",
                    "version": "1.9",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-28000",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-21T16:45:06.468347Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-21T16:49:04.870Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-06-17T18:44:02.945Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://www.exploit-db.com/exploits/52328"
              },
              {
                "url": "https://thehackernews.com/2024/08/critical-flaw-in-wordpress-litespeed.html?m=1"
              },
              {
                "url": "https://packetstorm.news/files/id/200819/"
              }
            ],
            "title": "CVE Program Container",
            "x_generator": {
              "engine": "ADPogram 0.0.1"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "packageName": "litespeed-cache",
              "product": "LiteSpeed Cache",
              "vendor": "LiteSpeed Technologies",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "6.4",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "6.3.0.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "John Blackbourn | Patchstack Bug Bounty Program"
            }
          ],
          "datePublic": "2026-04-22T14:38:12.552Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache.\u003cp\u003eThis issue affects LiteSpeed Cache: from n/a through \u003c= 6.3.0.1.\u003c/p\u003e"
                }
              ],
              "value": "Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache.This issue affects LiteSpeed Cache: from n/a through \u003c= 6.3.0.1."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-29T09:51:52.680Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/Wordpress/Plugin/litespeed-cache/vulnerability/wordpress-litespeed-cache-plugin-6-3-0-1-unauthenticated-privilege-escalation-vulnerability?_s_id=cve"
            }
          ],
          "tags": [
            "x_known-exploited-vulnerability"
          ],
          "title": "WordPress LiteSpeed Cache plugin \u003c= 6.3.0.1 - Unauthenticated Privilege Escalation vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2024-28000",
        "datePublished": "2024-08-21T13:53:57.747Z",
        "dateReserved": "2024-02-29T06:17:46.687Z",
        "dateUpdated": "2026-04-29T09:51:52.680Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-3246 (GCVE-0-2024-3246)

    Vulnerability from cvelistv5 – Published: 2024-07-24 03:17 – Updated: 2026-04-08 17:03
    VLAI
    Title
    LiteSpeed Cache <= 6.2.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting
    Summary
    The LiteSpeed Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.2.0.1. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to update the token setting and inject malicious JavaScript via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-352 - Cross-Site Request Forgery (CSRF)
    Assigner
    Impacted products
    Vendor Product Version
    litespeedtech LiteSpeed Cache Affected: 0 , ≤ 6.2.0.1 (semver)
    Create a notification for this product.
    litespeedtech litespeed_cache Affected: 0 , ≤ 6.2.0.1 (semver)
        cpe:2.3:a:litespeedtech:litespeed_cache:-:*:*:*:*:wordpress:*:*
    Create a notification for this product.
    Credits
    Krzysztof Zając
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:litespeedtech:litespeed_cache:-:*:*:*:*:wordpress:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "litespeed_cache",
                "vendor": "litespeedtech",
                "versions": [
                  {
                    "lessThanOrEqual": "6.2.0.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-3246",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-29T16:56:36.705941Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-29T16:58:28.305Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T20:05:08.345Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8036bd83-9af5-4b71-8974-9b0690ea6769?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/changeset/3123399/litespeed-cache/trunk/src/cloud.cls.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "LiteSpeed Cache",
              "vendor": "litespeedtech",
              "versions": [
                {
                  "lessThanOrEqual": "6.2.0.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Krzysztof Zaj\u0105c"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The LiteSpeed Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.2.0.1. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to update the token setting and inject malicious JavaScript via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-352",
                  "description": "CWE-352 Cross-Site Request Forgery (CSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:03:31.910Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8036bd83-9af5-4b71-8974-9b0690ea6769?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3123399/litespeed-cache/trunk/src/cloud.cls.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-07-23T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "LiteSpeed Cache \u003c= 6.2.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-3246",
        "datePublished": "2024-07-24T03:17:17.104Z",
        "dateReserved": "2024-04-02T21:30:19.551Z",
        "dateUpdated": "2026-04-08T17:03:31.910Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }