Read more: thehackernews.com
A critical security flaw (CVE-2024-44000) has been identified in the LiteSpeed Cache plugin for WordPress. This vulnerability, with a CVSS score of 7.5, allows unauthenticated attackers to potentially take over arbitrary accounts on vulnerable WordPress websites. The vulnerability is due to improper access controls within the plugin and has been patched in version 6.5.0.1. It is highly recommended that WordPress website administrators using LiteSpeed Cache update to this version as soon as possible to mitigate potential threats.