This flaw makes millions of websites dangerous

Not all websites on the Internet are safe. This is obvious and something that must always be kept in mind to avoid making mistakes. However, we can come across sites that are reliable and were created without any malicious intent, but that have a vulnerability and are temporarily very dangerous. This is what is happening with several million pages affected by one vulnerability.

This is a bug that has affected around six million WordPress websites and leaves them exposed to hijacking attacks. Basically, an attacker can take control of the website and, from there, distribute malware, launch phishing attacks, redirect visitors to other malicious pages…

Bug affecting millions of pages

This vulnerability has been registered as CVE-2024-44000. It affects LiteSpeed Cache and was discovered a few days ago. It appears to potentially expose around six million WordPress sites, so pages of all kinds can be compromised and put many users at risk.

The flaw affects a function of this plugin that records HTTP headers in a file. These headers contain the session cookies that authenticate users of the website. If an attacker steals them, they could impersonate the administrator of the page and take full control.

For this to happen, users need to log in to the website while the debugging feature is active. An attacker could then steal their session cookies and take control. From there, the attacker could modify the page and potentially affect other users who access it.

Avoid problems

If you have a WordPress website and you use the LiteSpeed Cache plugin, security researchers recommend that you purge all debug.log files from your servers to remove cookies that could be stolen. They also recommend creating a .htaccess rule to prevent direct access to log files.
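
The cleanup described above, as an added shell example that is not from the researchers or the LiteSpeed project: it lists debug.log files that contain cookie headers, truncates them, and adds a deny rule to the .htaccess beside each one. The Apache 2.4 `Require all denied` syntax, the function names and the sample directory layout are assumptions.

```shell
#!/bin/sh
# Added example, not the plugin's own code. Assumes the web server honours
# Apache 2.4-style .htaccess files. Function names are hypothetical.

# Print every debug.log under $1 that holds Cookie/Set-Cookie header lines.
logs_with_cookies() {
    find "$1" -type f -name debug.log -exec grep -liE '(set-)?cookie:' {} + || true
}

# Idempotently add a deny rule for debug.log to the .htaccess in directory $1.
deny_log_access() {
    grep -qs '# BEGIN deny-debug-log' "$1/.htaccess" && return 0
    cat >> "$1/.htaccess" <<'EOF'
# BEGIN deny-debug-log
<Files "debug.log">
    Require all denied
</Files>
# END deny-debug-log
EOF
}

# Truncate every debug.log under $1 and protect the directory it lives in.
purge_debug_logs() {
    find "$1" -type f -name debug.log | while IFS= read -r log; do
        : > "$log"
        deny_log_access "$(dirname "$log")"
        echo "purged: $log"
    done
}

# Constructed sample tree so the script runs offline (layout is an assumption).
make_sample_site() {
    site=$(mktemp -d)
    mkdir -p "$site/wp-content"
    printf '%s\n' 'GET /wp-admin/ HTTP/1.1' \
        'Set-Cookie: wordpress_logged_in_EXAMPLE=constructed-value; path=/' \
        > "$site/wp-content/debug.log"
    echo "$site"
}

if [ "${1:-}" = "--demo" ]; then
    s=$(make_sample_site); logs_with_cookies "$s"; purge_debug_logs "$s"; rm -rf "$s"
fi
```

Sessions whose cookies were already logged stay valid after the file is truncated, so purging does not replace updating the plugin.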

However, the most important thing is to keep everything up to date. LiteSpeed Cache v6.5.0.1 has already been released to fix the problem. So far, though, there have only been about 400,000 downloads since that version became available, so we are talking about more than 5.5 million pages still being vulnerable.

As home users, you should always be very careful about the pages you visit. You should be alert in case you see a strange link, a suspicious dialog box or you have been redirected to a page that has nothing to do with what you expected.

You could be the victim of a wide variety of attacks, such as phishing, malware, or theft of personal information. In most cases, it is up to you to reduce risks and avoid falling into the trap of cybercriminals. Always make sure that your devices are well protected.

All in all, be careful if you use the LiteSpeed Cache plugin for WordPress. There are millions of vulnerable sites right now. Also, as a home user, you should take extra precautions and always browse safely. Avoid exposing information while browsing when it is not necessary.
