Zeitpunkt Nutzer Delta Tröts TNR Titel Version maxTL So 08.09.2024 00:01:09 7.229 0 630.130 87,2 NerdCulture 4.2.12 1.000 Sa 07.09.2024 00:00:24 7.229 0 629.724 87,1 NerdCulture 4.2.12 1.000 Fr 06.09.2024 00:01:08 7.229 -4 629.149 87,0 NerdCulture 4.2.12 1.000 Do 05.09.2024 00:01:08 7.233 -1 628.335 86,9 NerdCulture 4.2.12 1.000 Mi 04.09.2024 00:01:07 7.234 +1 627.621 86,8 NerdCulture 4.2.12 1.000 Di 03.09.2024 00:00:24 7.233 -1 627.043 86,7 NerdCulture 4.2.12 1.000 Mo 02.09.2024 00:01:14 7.234 +1 626.380 86,6 NerdCulture 4.2.12 1.000 So 01.09.2024 00:00:05 7.233 -2 625.866 86,5 NerdCulture 4.2.12 1.000 Sa 31.08.2024 00:00:15 7.235 +1 625.526 86,5 NerdCulture 4.2.12 1.000 Fr 30.08.2024 00:01:10 7.234 0 625.066 86,4 NerdCulture 4.2.12 1.000
Olly 👾 (@Olly42) · 01/2024 · Tröts: 292 · Folger: 32
So 08.09.2024 13:49
LiteSpeed Cache Plugin Vulnerability exposes Millions of WordPress Sites to Attacks.
The issue exists because the plugin may include the HTTP response header for set-cookie in the debug log file after a login request. The vulnerability impacts versions before and including 6.4.1. It has been addressed in version 6.5.0.1.
#wordpress #litespeed #it #security #engineer #tech #media #news
Because the debug log file is publicly accessible, an unauthenticated attacker could access the information exposed in the file and extract any user cookies stored in it. This would allow attackers to log in to the affected websites as any user for which the session cookie has been leaked, including as administrators, which could lead to site takeover.
[Öffentlich] Antw.: 0 Wtrl.: 4 Fav.: 0 · via Metatext