WordPress LiteSpeed Cache Vulnerability [CVE-2020-29172]
Research Paper

WordPress LiteSpeed Cache Vulnerability [CVE-2020-29172]

CVE-2020-29172 is a cross-site scripting (XSS) vulnerability. The Server IP option can be used to exploit cross-site scripting (XSS) vulnerability in the LiteSpeed Cache plugin for WordPress prior to 3.6.1. The plugin does not sanitize invalid IPs given in its Toolbox page before displaying them in an error message which is Stored XSS. XSS is the second most common problem in the OWASP Top 10, appearing in almost two-thirds of all applications.

Key Pointers:
  • Introduction to LightSpeed Cache Vulnerability and XSS
  • Taking a look at the severity of the vulnerability
  • Making a note on the remediation for the vulnerability
  • Setting up the lab and understanding the exploitation scenario
  • Performing the exploit in the lab environment
Get the Research Paper
Thank You for your interest in Safe Security!
Your request content is now available!
Invalid Inputs!

Brands that
trust our competence

Explore more
google logo
facebook logo
british telecom logo
munichre logo
newscorp logo
kfc logo