The National Information Technology Development Agency (NITDA) has raised a red flag, warning WordPress users in Nigeria about a critical security vulnerability affecting the LiteSpeed Cache plugin. This flaw, labeled CVE-2024-28000, threatens over five million websites worldwide, potentially allowing cybercriminals to take full control of compromised sites.
The LiteSpeed Cache plugin, widely used to optimize website performance, has become a target for hackers due to a vulnerability in its “role simulation” feature. NITDA revealed that this flaw can be exploited by attackers to gain administrative access to websites without the need for authentication.
Once control is seized, attackers could deploy malicious plugins, steal sensitive data, or redirect users to dangerous sites. The vulnerability is exacerbated by a weak hash function, making it easier for attackers to exploit through brute force or by manipulating debug logs that expose sensitive information.
NITDA emphasised that with over 5 million websites relying on LiteSpeed Cache, the potential damage is extensive. The risks posed by the vulnerability include data theft, where attackers could steal sensitive user information, such as personal details and payment data; website defacement, where cybercriminals may alter content, plant malicious code, or disrupt site functionality; and the redirection of users to phishing or malware-infested websites. Given WordPress’s popularity, the impact of this vulnerability could result in severe financial and reputational losses for affected businesses.
To curb the threat, NITDA urged all WordPress website administrators using the LiteSpeed Cache plugin to take immediate steps. The agency recommends updating the plugin to its latest version (6.4.1). Administrators can do this by logging into their WordPress dashboard, navigating to the “Plugins” section, and applying the necessary updates.
In addition to updating the plugin, NITDA advises website owners to disable the debugging feature on live sites, which could otherwise expose sensitive information and make it easier for attackers to exploit vulnerabilities.
Regular audits of plugin settings and configurations are also recommended to enhance security. “Website owners should frequently check for vulnerabilities and ensure their plugins are up to date,” the agency stated.
The LiteSpeed Cache plugin, known for enhancing website performance by caching content, has experienced security issues in the past. Previous versions of the plugin, including 3.6 and 6.3.0.1, were susceptible to cross-site scripting (XSS) and unauthenticated privilege escalation, respectively. These flaws allowed attackers to execute harmful code in users’ browsers and elevate their access privileges to that of an administrator.
