CVE-2024-47373 in LiteSpeed Cache Plugininfo

Summary

by MITRE • 10/05/2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through <= 6.5.0.2.

Be aware that VulDB is the high quality source for vulnerability data.

Analysis

by VulDB Data Team • 04/05/2026

The vulnerability identified as CVE-2024-47373 represents a critical cross-site scripting flaw within the LiteSpeed Cache plugin for WordPress systems. This security weakness specifically manifests as an improper neutralization of input during web page generation, creating an environment where malicious scripts can be persistently stored and subsequently executed against unsuspecting users. The vulnerability impacts versions of the LiteSpeed Cache plugin ranging from the initial release through version 6.5.0.2, indicating a broad affected scope that encompasses numerous installations across various WordPress environments. The stored nature of this XSS vulnerability means that malicious payloads are not limited to a single request but can remain embedded within the affected system, continuously threatening visitors who encounter pages generated by the compromised caching mechanism.

This vulnerability falls under the CWE-79 category of Cross-Site Scripting, which is classified as one of the most prevalent and dangerous web application security flaws in the industry. The ATT&CK framework categorizes this as a web application attack vector under the technique of code injection, specifically targeting the web application layer where user input is improperly sanitized. The flaw occurs during the web page generation process where input data from various sources including user comments, form submissions, or administrative settings fails to undergo proper sanitization before being rendered in the output. This allows attackers to inject malicious JavaScript code that gets stored within the application's database or cache storage, making it persistent across multiple user sessions and page views.

The operational impact of this vulnerability extends beyond simple data theft or defacement, as it provides attackers with a persistent foothold within affected WordPress environments. Once an attacker successfully exploits this vulnerability, they can execute arbitrary JavaScript code in the context of any user's browser who visits pages generated by the compromised caching system. This capability enables sophisticated attacks including session hijacking, credential theft, redirection to malicious sites, and even the installation of additional malware. The stored nature of the XSS means that the attack vector remains active even after the initial injection point, potentially allowing attackers to maintain access for extended periods without requiring repeated exploitation attempts. Furthermore, since this affects a widely used caching plugin, the potential attack surface is enormous, encompassing thousands of WordPress installations that rely on LiteSpeed Cache for performance optimization.

Mitigation strategies for CVE-2024-47373 must prioritize immediate plugin updates to versions that have addressed this vulnerability, as the affected range includes several major releases that likely contain the necessary code modifications. Organizations should implement comprehensive input validation and output encoding mechanisms throughout their WordPress installations, ensuring that all user-provided data undergoes proper sanitization before being stored or displayed. Security monitoring should include regular scanning of cached content for malicious script injections, particularly focusing on the plugin's caching directories and database storage areas. Network-level protections such as web application firewalls and content security policies should be deployed to detect and block malicious script execution attempts. Additionally, administrators should conduct thorough security audits of their WordPress environments, reviewing user permissions and access controls to limit the potential impact of any successful exploitation attempts. The vulnerability highlights the critical importance of maintaining up-to-date security patches and implementing defense-in-depth strategies that protect against multiple attack vectors simultaneously.

Responsible

Patchstack

Reservation

09/24/2024

Disclosure

10/05/2024

Moderation

accepted

CPE

ready

EPSS

0.00248

KEV

no

Activities

very low

Sources

Might our Artificial Intelligence support you?

Check our Alexa App!