Path Traversal Vulnerability in LiteSpeed Cache by LiteSpeed Technologies
CVE-2024-47637

8.8HIGH

Key Information:

Vendor: WordPress
Status: Litespeed Cache
Vendor: CVE Published:; 16 October 2024

What is CVE-2024-47637?

A relative path traversal vulnerability in the LiteSpeed Cache plugin could allow attackers to manipulate the file paths used by the application. Exploiting this issue may enable unauthorized access to sensitive files, potentially compromising the system. The vulnerability affects LiteSpeed Cache versions up to 6.4.1, underscoring the need for users to update to the latest versions to enhance security.

Affected Version(s)

LiteSpeed Cache 0 <= 6.4.1

References

https://patchstack.com/database/Wordpress/Plugin/litespee...

vdb-entry

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 16, 2024

CVE-2024-47637 Data

JSON

WordPress

What is CVE-2024-47637?

Affected Version(s)

References

CVSS V3.1

Timeline