We don’t normally publish mid-week ShieldNOTES, but this vulnerability is so severe, and for a plugin so widely distributed (5+ million), that we felt you should be aware sooner, rather than later.
#1 – Vulnerable: LiteSpeed Cache Plugin
Privilege Escalation Risk for 5+ million installs.
How will I know I’m okay?
Upgrade ASAP to v6.4.1+
What’s the risk?
Severity risk 9.8/10 – Privilege Escalation – an attacker can gain full access to a site by escalating their low user privileges.
Editor Comment
Please use ShieldPRO’s auto-upgrade feature for vulnerable plugins.
Also, we highly recommend that you make use of ShieldPRO’s feature that automatically suspends idle user account. This helps reduce the risk of older, abandoned accounts being taken over and used in attacks such as these.
Thanks for reading, and I hope you’re having a great week so far!
Paul Goodchild
Shield Security for WordPress