Although this attack requires the browser to be enabled (disabled by default) and used at least once to generate the hash, the researchers also discovered that an insecure Ajax handler can be called to trigger hash generation. “This means that all sites using LiteSpeed Cache – not those with its crawling feature enabled – are vulnerable,” the report said.
Windows systems are not affected
Windows systems are not immune to the vulnerability, the report continued, because the necessary function to generate the hash is not available on Windows, which means, “it means that the hash cannot be generated in Windows-based WordPress environments, which makes the vulnerability exploitable by other [operating systems] such as Linux environments. “
LiteSpeed ”strongly recommends” that users upgrade to version 6.4 or higher of the plugin immediately, and check their sites’ user lists to find any unknown accounts with administrator rights and remove them. If improvements don’t happen immediately, provide temporary mitigation measures in a blog post explaining the problem.
Source link