The National Information Technology Development Agency (NITDA) has issued an urgent warning regarding a security vulnerability identified as CVE-2024-28000, which affects the LiteSpeed Cache plugin for WordPress.
The plugin is active on more than 5 million websites worldwide, and the flaw lets malicious actors gain unauthorised administrative access with minimal effort.
The vulnerability stems from the plugin's "role simulation" feature, which lets the plugin's crawler render pages as a chosen user. An attacker who can satisfy that feature's check is treated as that user, so the site can be taken over without any authentication.
Once access is gained, they can install malicious plugins, siphon off sensitive data, or redirect visitors to harmful sites. Exploitation is easy because the security hash that gates role simulation is short and generated from a weak pseudo-random source, and because the plugin's debug logs, if left enabled and exposed, can record that hash; an attacker can therefore brute-force the value, or simply read it from a leaked log.
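The security-relevant point above is that a token's strength is bounded by the entropy of whatever seeds its generator, not by its length. The following added example (not the plugin's code, and not NITDA's) models that in Python: a generic 6-character token drawn from a PRNG whose seed can only take a small number of values, beside a CSPRNG token. `SEED_SPACE`, the victim seed and the alphabet are assumptions chosen for illustration.

```python
"""Why a short token from a low-entropy seed is brute-forceable.

Illustrative model only; this is NOT the LiteSpeed Cache plugin's code.
A 6-character token is drawn from a PRNG seeded with a value that can take
only SEED_SPACE distinct states (think of a truncated clock reading). The
attacker does not guess the token, only the seed that produced it.
"""
import math
import random
import secrets
import string

ALPHABET = string.ascii_letters + string.digits   # 62 symbols (assumed alphabet)
TOKEN_LEN = 6
SEED_SPACE = 100_000   # assumed number of reachable seeds; small so the demo runs in seconds


def weak_token(seed: int) -> str:
    """Deterministic token: the entire output is a function of `seed`."""
    rng = random.Random(seed)
    return "".join(rng.choice(ALPHABET) for _ in range(TOKEN_LEN))


def strong_token(nbytes: int = 16) -> str:
    """What the value should be: OS CSPRNG output with no reproducible seed."""
    return secrets.token_hex(nbytes)


def nominal_bits(alphabet_size: int = len(ALPHABET), length: int = TOKEN_LEN) -> float:
    """Entropy the token appears to have from its length alone."""
    return length * math.log2(alphabet_size)


def effective_bits(seed_space: int = SEED_SPACE) -> float:
    """Entropy it actually has: capped by the number of distinct seeds."""
    return min(nominal_bits(), math.log2(seed_space))


def recover_seed(observed: str, seed_space: int = SEED_SPACE):
    """Attacker side: walk the seed space until the generator reproduces the token."""
    for s in range(seed_space):
        if weak_token(s) == observed:
            return s
    return None


if __name__ == "__main__":
    victim_seed = 73_911          # assumed: whatever the server's seed happened to be
    token = weak_token(victim_seed)
    print(f"nominal entropy  : {nominal_bits():.1f} bits")
    print(f"effective entropy: {effective_bits():.1f} bits")
    print(f"recovered seed   : {recover_seed(token)}  (token {token!r})")
    print(f"strong token     : {strong_token()}  (no seed to recover)")
```

With a 62-symbol alphabet the token looks like roughly 36 bits of work, but with 100,000 reachable seeds the attacker's job is under 17 bits, a few seconds of CPU. The fix is not a longer token from the same generator; it is a generator with no recoverable seed, as in `strong_token`.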
Affected websites face a high risk of data theft, where attackers could potentially extract confidential user information, including personal and payment details.
The integrity of the site could also be compromised through defacement, insertion of malicious content, or disruption of services, and visitors could be unwittingly redirected to fraudulent websites, exposing them to phishing or malware.
Given the large reliance on WordPress and the LiteSpeed Cache plugin, the implications of this security flaw could be severe for businesses, leading to both financial losses and lasting damage to their reputations.
In light of this, NITDA is strongly advising all administrators of WordPress sites using the LiteSpeed Cache plugin to take immediate action to protect their digital assets.
To mitigate the threat, NITDA recommends that website administrators update the LiteSpeed Cache plugin to the latest version (6.4.1 at the time of the warning; the fix itself was introduced in 6.4) without delay. Administrators can verify and perform this update by logging into their WordPress dashboard and navigating to the "Plugins" section.
Additionally, the plugin's debug logging should be disabled on live sites, since it can write sensitive values, including the security hash discussed above, to log files that attackers may be able to read.
NITDA further urges website owners to routinely audit their plugin settings and configurations to identify and rectify potential vulnerabilities. “Regular checks for plugin updates and security flaws are essential to safeguarding against cyber threats,” the agency stated.
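The dashboard steps above do not scale to a fleet of sites. The following added example (not NITDA's or the plugin's code) checks the same two points from the filesystem: whether the installed plugin version is below the fixed release, and whether `WP_DEBUG` is switched on in `wp-config.php`. It assumes the standard WordPress layout (`wp-content/plugins/litespeed-cache/litespeed-cache.php`), compares versions numerically rather than as strings, and checks only the generic `WP_DEBUG` define; the plugin's own Debug toggle lives in its settings page and must still be confirmed off there. The sample header and config text are constructed, not taken from real files.

```python
"""Offline audit for the two NITDA recommendations: plugin version at or
above the fixed release, and debug mode off. Added example; assumptions marked."""
import re
from pathlib import Path

PLUGIN_SLUG = "litespeed-cache"
FIXED_VERSION = (6, 4)   # fix shipped in 6.4; the advisory recommends 6.4.1


def parse_version(v: str) -> tuple:
    """'6.3.0.1' -> (6, 3, 0, 1); numeric parts so '6.10' sorts after '6.4'."""
    return tuple(int(p) for p in re.findall(r"\d+", v))


def is_vulnerable(version: str) -> bool:
    return parse_version(version) < FIXED_VERSION


def header_version(plugin_php: str):
    """Read the 'Version:' field from a WordPress plugin file header."""
    m = re.search(r"^\s*\*?\s*Version:\s*(\S+)", plugin_php, re.MULTILINE)
    return m.group(1) if m else None


def wp_debug_enabled(wp_config: str) -> bool:
    """True when wp-config.php defines WP_DEBUG as true (generic WordPress switch;
    the plugin's own Debug option is stored elsewhere and is not covered here)."""
    m = re.search(r"define\(\s*['\"]WP_DEBUG['\"]\s*,\s*(true|false)\s*\)", wp_config, re.I)
    return bool(m) and m.group(1).lower() == "true"


def audit(wp_root: Path) -> dict:
    """Assumed layout: <root>/wp-config.php and <root>/wp-content/plugins/<slug>/<slug>.php."""
    plugin_file = wp_root / "wp-content" / "plugins" / PLUGIN_SLUG / f"{PLUGIN_SLUG}.php"
    config_file = wp_root / "wp-config.php"
    version = header_version(plugin_file.read_text()) if plugin_file.exists() else None
    return {
        "plugin_version": version,
        "plugin_vulnerable": is_vulnerable(version) if version else False,
        "wp_debug": wp_debug_enabled(config_file.read_text()) if config_file.exists() else False,
    }


# Constructed sample inputs (not real files) so the checks can run offline.
SAMPLE_PLUGIN_HEADER = """<?php
/**
 * Plugin Name: LiteSpeed Cache
 * Version: 6.3.0.1
 */
"""
SAMPLE_WP_CONFIG = """<?php
define( 'WP_DEBUG', true );
define( 'WP_DEBUG_LOG', true );
"""

if __name__ == "__main__":
    v = header_version(SAMPLE_PLUGIN_HEADER)
    print(f"plugin version {v}: vulnerable={is_vulnerable(v)}")
    print(f"WP_DEBUG enabled: {wp_debug_enabled(SAMPLE_WP_CONFIG)}")
```

Run `audit(Path("/var/www/example"))` against each site root; a result with `plugin_vulnerable` true or `wp_debug` true is a site that still needs the update or the debug change.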
The LiteSpeed Cache plugin is designed to enhance website performance by caching content and resources, yet its history of vulnerabilities underscores the importance of keeping software up to date.
Previous issues have included cross-site scripting (XSS) vulnerabilities and unauthenticated privilege escalation flaws that allowed attackers to elevate their privileges and create new administrator accounts.