{"vulnerability": "cve-2024-47374", "sightings": [{"uuid": "b1dba3c6-8fc1-4100-b781-eb5d93269c96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47374", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-47374.yaml", "content": "", "creation_timestamp": "2025-12-08T10:22:20.000000Z"}, {"uuid": "ecc785c4-3d40-4f02-b464-dd7ca4a7bb35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47374", "type": "seen", "source": "MISP/2bb5c40c-5583-4a30-bc62-81e5a7af21a7", "content": "", "creation_timestamp": "2025-03-19T15:49:04.000000Z"}, {"uuid": "63643ba6-ba70-44bf-a5ee-f32079b90f34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47374", "type": "published-proof-of-concept", "source": "Telegram/8q0G2XoGgrXP8O-oMiUuoKtzfH3vGd_RQiplze-y2V_UL3MF", "content": "", "creation_timestamp": "2025-07-13T02:12:02.000000Z"}, {"uuid": "6094aba1-d33c-42a8-bd21-091e4a9e9837", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47374", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m7lgxeh6xg23", "content": "", "creation_timestamp": "2025-12-09T21:02:32.793062Z"}, {"uuid": "d5a40dbd-4f15-4473-83b2-a9d0d1f9a6a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47374", "type": "published-proof-of-concept", "source": "Telegram/51t8UUBcVa-x2wjoRIM2mT2i7yna57J_B3bG-USYfuPX_VI", "content": "", "creation_timestamp": "2025-07-13T02:12:01.000000Z"}, {"uuid": "7666c4fb-6a4f-40ec-8fa1-35a4f06db3eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47374", "type": "published-proof-of-concept", "source": "Telegram/ZmNdkUlwMi8wIyWb9PMqpqbhuxrMGAAlpZqMM06bDWpior15", "content": "", "creation_timestamp": "2025-07-13T02:12:00.000000Z"}, {"uuid": "aef4211d-0cb1-41be-ab31-dee4831b37f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47374", "type": "seen", "source": "https://t.me/cvedetector/7109", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47374 - LiteSpeed Technologies LiteSpeed Cache Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2024-47374 \nPublished : Oct. 5, 2024, 4:15 p.m. | 27\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through 6.5.0.2. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-05T18:48:38.000000Z"}, {"uuid": "e9e5ffba-ab83-405d-9fa8-d63cc85cbe2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47374", "type": "seen", "source": "Telegram/h9HbZ2k29WBhPqZedI7raK6Z0Uo2xDhBpR3YwH0Zr2iyDfc", "content": "", "creation_timestamp": "2025-07-22T12:59:19.000000Z"}, {"uuid": "1837c955-b383-4e36-ba4e-63b5ce7ded35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47374", "type": "seen", "source": "https://t.me/ton618cyber/1751", "content": "WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks\n\nLiteSpeed Cache plugin vulnerability (CVE-2024-47374) exposes WordPress sites to XSS attacks. Update to version 6.5.1 now.\n\nthehackernews.com \u2022 Oct 4, 2024", "creation_timestamp": "2024-10-08T15:45:00.000000Z"}, {"uuid": "d987995c-f5a9-4092-8346-317f52978566", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47374", "type": "seen", "source": "https://t.me/true_secator/6288", "content": "Patchstack \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u043c \u043f\u043b\u0430\u0433\u0438\u043d\u0435 \u043a\u044d\u0448\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f WordPress LiteSpeed, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u0435\u0442 \u0441\u0430\u0439\u0442\u044b XSS-\u0430\u0442\u0430\u043a\u0430\u043c.\n\nCVE-2024-47374\u00a0\u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS: 7,2 \u0438 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a XSS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044f \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u0430 \u0434\u043e 6.5.0.2 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 JavaScript \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 25 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c 6.5.1 \u043f\u043e\u0441\u043b\u0435 \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c Patchstack Alliance TaiYou.\n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u043e\u0448\u0438\u0431\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043b\u044e\u0431\u043e\u043c\u0443 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0432\u044b\u043a\u0440\u0430\u0441\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e, \u0430 \u0432 \u0434\u0430\u043d\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 - \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043d\u0430 \u0441\u0430\u0439\u0442\u0435 WordPress, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0432 \u043e\u0434\u0438\u043d HTTP-\u0437\u0430\u043f\u0440\u043e\u0441.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u043e\u043c \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u043c \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f HTTP-\u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430 X-LSCACHE-VARY-VALUE \u0431\u0435\u0437 \u0430\u0434\u0435\u043a\u0432\u0430\u0442\u043d\u043e\u0439 \u043e\u0447\u0438\u0441\u0442\u043a\u0438 \u0438 \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0432\u0435\u0431-\u0441\u043a\u0440\u0438\u043f\u0442\u044b.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0441\u0442\u043e\u0438\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u0434\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u043e\u043f\u0442\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b CSS Combine \u0438 Generate UCSS.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e LiteSpeed Cache \u0438\u043c\u0435\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c \u0448\u0435\u0441\u0442\u044c \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043e\u043a, \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0432\u0435\u0441\u044c\u043c\u0430 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u0443\u044e \u0434\u043b\u044f \u043a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u044f \u043f\u043e\u0432\u0435\u0440\u0445\u043d\u043e\u0441\u0442\u044c \u0430\u0442\u0430\u043a. \n\n\u041d\u043e \u0431\u0443\u0434\u0435\u043c, \u043a\u043e\u043d\u0435\u0447\u043d\u043e, \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2024-10-07T12:00:06.000000Z"}, {"uuid": "7314d6ee-347f-4712-9ade-d5d5de57bd25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47374", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/4899", "content": "The Hacker News\nWordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks\n\nA new high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable malicious actors to execute arbitrary JavaScript code under certain conditions.\nThe flaw, tracked as CVE-2024-47374 (CVSS score: 7.2), has been described as a stored cross-site scripting (XSS) vulnerability impacting all versions of the plugin up to and including 6.5.0.2.\nIt was", "creation_timestamp": "2024-10-04T13:50:21.000000Z"}, {"uuid": "61b1c4dd-77a5-42fa-8d83-dae80ca257cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47374", "type": "seen", "source": "https://t.me/KomunitiSiber/2676", "content": "WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks\nhttps://thehackernews.com/2024/10/wordpress-litespeed-cache-plugin.html\n\nA new high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable malicious actors to execute arbitrary JavaScript code under certain conditions.\nThe flaw, tracked as CVE-2024-47374 (CVSS score: 7.2), has been described as a stored cross-site scripting (XSS) vulnerability impacting all versions of the plugin up to and including 6.5.0.2.\nIt was", "creation_timestamp": "2024-10-04T19:56:12.000000Z"}, {"uuid": "ef10ef03-a757-4924-833c-8f2e64778c22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47374", "type": "seen", "source": "Telegram/UO0pGmzJ9UHpxuZ6GitFvD5yVGMXsbbqw5KNvq7i51B8cw", "content": "", "creation_timestamp": "2024-10-04T13:50:21.000000Z"}, {"uuid": "4a2c9443-ff7e-41c7-9c4f-885173b411b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47374", "type": "seen", "source": "https://t.me/ton618cyber/5212", "content": "WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks\n\nLiteSpeed Cache plugin vulnerability (CVE-2024-47374) exposes WordPress sites to XSS attacks. Update to version 6.5.1 now.\n\nthehackernews.com \u2022 Oct 4, 2024", "creation_timestamp": "2024-10-08T15:44:58.000000Z"}, {"uuid": "c395aae0-f680-48e2-8e00-9fb22c86c77f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47374", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/22812", "content": "The Hacker News\nWordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks\n\nA new high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable malicious actors to execute arbitrary JavaScript code under certain conditions.\nThe flaw, tracked as CVE-2024-47374 (CVSS score: 7.2), has been described as a stored cross-site scripting (XSS) vulnerability impacting all versions of the plugin up to and including 6.5.0.2.\nIt was", "creation_timestamp": "2024-10-04T13:50:21.000000Z"}, {"uuid": "8a02a405-6299-4e8f-888a-d8c2c3213d08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47374", "type": "seen", "source": "Telegram/zp8r53NJoxwfBnrDzdTztdyv8dFmq3tajQhyEKGUQ6QbbQ", "content": "", "creation_timestamp": "2024-10-04T14:48:46.000000Z"}, {"uuid": "84c06f29-be5c-43b8-8971-ab18e9da82d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47374", "type": "seen", "source": "https://t.me/thehackernews/5686", "content": "A major #vulnerability (CVE-2024-47374) in the LiteSpeed Cache WordPress plugin could allow attackers to execute arbitrary #JavaScript and hijack accounts. \n \nFind details here: https://thehackernews.com/2024/10/wordpress-litespeed-cache-plugin.html \n \nPatch now to protect your site.", "creation_timestamp": "2024-10-04T11:12:17.000000Z"}]}