NITDA urges users of LiteSpeed Cache plugin for WordPress to update

Mon, Sep 30, 2024
By editor
2 MIN READ

Business

THE National Information Technology Development Agency (NITDA) has called on users of LiteSpeed Cache plugin for WordPress, to update to the latest version, (6.4.1), to prevent their websites from being attacked.

Mrs Hadiza Umar, Director, Corporate Affairs and External Relations of the agency, said this in a statement in Abuja on Monday.

LiteSpeed Cache for WordPress (LSCWP) is an all-in-one site acceleration plugin, featuring an exclusive server-level cache and a collection of optimisation features.

Umar said that a critical security vulnerability (CVE-2024-28000) had been discovered in the LSCWP, affecting over five million websites.

“This vulnerability allows attackers to take complete control of a website without requiring any authentication.

“The vulnerability is due to a flaw in the plugin’s role simulation feature and if exploited, an attacker can manipulate this flaw to gain administrative access to the website.

“This could lead to the installation of malicious plugins, theft of data, or even redirection of site visitors to harmful websites.

“Website administrators using the LiteSpeed Cache plugin are strongly advised to update to the latest version (6.4.1) immediately,” she said.

She noted that the simplicity of the attack vector, combined with a weak hash function, made it easy for attackers to exploit this vulnerability by guessing via brute-forcing or exploiting exposed debug logs.

According to her, to check for updates, log in to your WordPress dashboard and navigate to the Plugins section, where you can update the LiteSpeed Cache plugin.

“As a precautionary measure, administrators should ensure that debugging is disabled on live websites and regularly audit their plugin settings to prevent vulnerabilities from being exploited,” Umar said.

(NAN)

A.I

Sept. 30, 2024

Tags:


Nigeria Customs dissolves joint border patrol team

THE Nigeria Customs Service (NCS) has announced the dissolution of its Joint Border Patrol Team (JBPT). The National Public Relations...

Read More
Nigeria can earn N1trn monthly from moringa farming—Association

THE Moringa Production, Marketers and Farmers Welfare and Empowerment Association says its partnership with the Federal Government can generate N1trillion...

Read More
Avoid rickety boats, drunk operators,  NIWA warns Nigerians

…Oyebamiji advocates passage Of Coast Guards Bill IN furtherance of its efforts to ensure safety on Nigeria’s waterways,  the National...

Read More