<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Tue, 14 Jul 2026 03:58:06 +0000</lastBuildDate>
    <item>
      <title>31e4c33f-567d-42a7-8b59-17ee29802e4d</title>
      <link>https://vulnerability.circl.lu/sighting/31e4c33f-567d-42a7-8b59-17ee29802e4d/export</link>
      <description>{"uuid": "31e4c33f-567d-42a7-8b59-17ee29802e4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://t.me/brutsecurity/1047", "content": "CVE-2024-50550: Privilege Escalation in LiteSpeed Cache WP Plugin, 8.1 rating \ud83d\udd25\n\nWeak security hash verification vulnerability allows an attacker to gain administrative privileges.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/A60iV\n\ud83d\udc49 Dork: http.body:\"plugins/litespeed-cache\"\n\nRead more: https://patchstack.com/articles/rare-case-of-privilege-escalation-patched-in-litespeed-cache-plugin/", "creation_timestamp": "2026-07-12T00:00:45.441602Z"}</description>
      <content:encoded>{"uuid": "31e4c33f-567d-42a7-8b59-17ee29802e4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://t.me/brutsecurity/1047", "content": "CVE-2024-50550: Privilege Escalation in LiteSpeed Cache WP Plugin, 8.1 rating \ud83d\udd25\n\nWeak security hash verification vulnerability allows an attacker to gain administrative privileges.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/A60iV\n\ud83d\udc49 Dork: http.body:\"plugins/litespeed-cache\"\n\nRead more: https://patchstack.com/articles/rare-case-of-privilege-escalation-patched-in-litespeed-cache-plugin/", "creation_timestamp": "2026-07-12T00:00:45.441602Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/31e4c33f-567d-42a7-8b59-17ee29802e4d/export</guid>
      <pubDate>Sun, 12 Jul 2026 00:00:45 +0000</pubDate>
    </item>
    <item>
      <title>c870928b-13db-4354-8a21-7a8e083827ef</title>
      <link>https://vulnerability.circl.lu/sighting/c870928b-13db-4354-8a21-7a8e083827ef/export</link>
      <description>{"uuid": "c870928b-13db-4354-8a21-7a8e083827ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://t.me/brutsecurity/1047", "content": "CVE-2024-50550: Privilege Escalation in LiteSpeed Cache WP Plugin, 8.1 rating \ud83d\udd25\n\nWeak security hash verification vulnerability allows an attacker to gain administrative privileges.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/A60iV\n\ud83d\udc49 Dork: http.body:\"plugins/litespeed-cache\"\n\nRead more: https://patchstack.com/articles/rare-case-of-privilege-escalation-patched-in-litespeed-cache-plugin/", "creation_timestamp": "2026-07-11T17:00:04.610332Z"}</description>
      <content:encoded>{"uuid": "c870928b-13db-4354-8a21-7a8e083827ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://t.me/brutsecurity/1047", "content": "CVE-2024-50550: Privilege Escalation in LiteSpeed Cache WP Plugin, 8.1 rating \ud83d\udd25\n\nWeak security hash verification vulnerability allows an attacker to gain administrative privileges.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/A60iV\n\ud83d\udc49 Dork: http.body:\"plugins/litespeed-cache\"\n\nRead more: https://patchstack.com/articles/rare-case-of-privilege-escalation-patched-in-litespeed-cache-plugin/", "creation_timestamp": "2026-07-11T17:00:04.610332Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c870928b-13db-4354-8a21-7a8e083827ef/export</guid>
      <pubDate>Sat, 11 Jul 2026 17:00:04 +0000</pubDate>
    </item>
    <item>
      <title>03b3e91f-d167-4876-8d5a-d655551093aa</title>
      <link>https://vulnerability.circl.lu/sighting/03b3e91f-d167-4876-8d5a-d655551093aa/export</link>
      <description>{"uuid": "03b3e91f-d167-4876-8d5a-d655551093aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://t.me/brutsecurity/1047", "content": "CVE-2024-50550: Privilege Escalation in LiteSpeed Cache WP Plugin, 8.1 rating \ud83d\udd25\n\nWeak security hash verification vulnerability allows an attacker to gain administrative privileges.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/A60iV\n\ud83d\udc49 Dork: http.body:\"plugins/litespeed-cache\"\n\nRead more: https://patchstack.com/articles/rare-case-of-privilege-escalation-patched-in-litespeed-cache-plugin/", "creation_timestamp": "2026-07-10T01:00:10.768015Z"}</description>
      <content:encoded>{"uuid": "03b3e91f-d167-4876-8d5a-d655551093aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://t.me/brutsecurity/1047", "content": "CVE-2024-50550: Privilege Escalation in LiteSpeed Cache WP Plugin, 8.1 rating \ud83d\udd25\n\nWeak security hash verification vulnerability allows an attacker to gain administrative privileges.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/A60iV\n\ud83d\udc49 Dork: http.body:\"plugins/litespeed-cache\"\n\nRead more: https://patchstack.com/articles/rare-case-of-privilege-escalation-patched-in-litespeed-cache-plugin/", "creation_timestamp": "2026-07-10T01:00:10.768015Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/03b3e91f-d167-4876-8d5a-d655551093aa/export</guid>
      <pubDate>Fri, 10 Jul 2026 01:00:10 +0000</pubDate>
    </item>
    <item>
      <title>fdee35bf-cac1-404f-bdbe-73e53c086159</title>
      <link>https://vulnerability.circl.lu/sighting/fdee35bf-cac1-404f-bdbe-73e53c086159/export</link>
      <description>{"uuid": "fdee35bf-cac1-404f-bdbe-73e53c086159", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://t.me/brutsecurity/1047", "content": "CVE-2024-50550: Privilege Escalation in LiteSpeed Cache WP Plugin, 8.1 rating \ud83d\udd25\n\nWeak security hash verification vulnerability allows an attacker to gain administrative privileges.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/A60iV\n\ud83d\udc49 Dork: http.body:\"plugins/litespeed-cache\"\n\nRead more: https://patchstack.com/articles/rare-case-of-privilege-escalation-patched-in-litespeed-cache-plugin/", "creation_timestamp": "2026-07-09T03:00:12.112991Z"}</description>
      <content:encoded>{"uuid": "fdee35bf-cac1-404f-bdbe-73e53c086159", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://t.me/brutsecurity/1047", "content": "CVE-2024-50550: Privilege Escalation in LiteSpeed Cache WP Plugin, 8.1 rating \ud83d\udd25\n\nWeak security hash verification vulnerability allows an attacker to gain administrative privileges.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/A60iV\n\ud83d\udc49 Dork: http.body:\"plugins/litespeed-cache\"\n\nRead more: https://patchstack.com/articles/rare-case-of-privilege-escalation-patched-in-litespeed-cache-plugin/", "creation_timestamp": "2026-07-09T03:00:12.112991Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/fdee35bf-cac1-404f-bdbe-73e53c086159/export</guid>
      <pubDate>Thu, 09 Jul 2026 03:00:12 +0000</pubDate>
    </item>
    <item>
      <title>a3793051-6fcf-403d-9851-47cc76ab8eb9</title>
      <link>https://vulnerability.circl.lu/sighting/a3793051-6fcf-403d-9851-47cc76ab8eb9/export</link>
      <description>{"uuid": "a3793051-6fcf-403d-9851-47cc76ab8eb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mihr42zloo2u", "content": "", "creation_timestamp": "2026-04-01T22:40:08.917367Z"}</description>
      <content:encoded>{"uuid": "a3793051-6fcf-403d-9851-47cc76ab8eb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mihr42zloo2u", "content": "", "creation_timestamp": "2026-04-01T22:40:08.917367Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a3793051-6fcf-403d-9851-47cc76ab8eb9/export</guid>
      <pubDate>Wed, 01 Apr 2026 22:40:08 +0000</pubDate>
    </item>
    <item>
      <title>55cc639b-36c3-4330-82b0-f9669dafd0f1</title>
      <link>https://vulnerability.circl.lu/sighting/55cc639b-36c3-4330-82b0-f9669dafd0f1/export</link>
      <description>{"uuid": "55cc639b-36c3-4330-82b0-f9669dafd0f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6387", "content": "Patchstack \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u043c \u043f\u043b\u0430\u0433\u0438\u043d\u0435 LiteSpeed Cache WordPress \u0441 \u0448\u0435\u0441\u0442\u044c\u044e \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430\u043c\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043e\u043a, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u0441\u0435\u0442\u0438\u0442\u0435\u043b\u044f\u043c \u0441\u0430\u0439\u0442\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\nCVE-2024-50550 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0441\u043b\u0430\u0431\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0445\u044d\u0448\u0430 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u00ab\u0441\u0438\u043c\u0443\u043b\u044f\u0446\u0438\u0438 \u0440\u043e\u043b\u0435\u0439\u00bb \u043f\u043b\u0430\u0433\u0438\u043d\u0430, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u043e\u0439 \u0434\u043b\u044f \u0438\u043c\u0438\u0442\u0430\u0446\u0438\u0438 \u0440\u043e\u043b\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044f \u0441\u043a\u0430\u043d\u0435\u0440\u0443 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0430\u0439\u0442\u044b \u0441 \u0440\u0430\u0437\u043d\u044b\u0445 \u0443\u0440\u043e\u0432\u043d\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u0424\u0443\u043d\u043a\u0446\u0438\u044f ('is_role_simulation()') \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u0434\u0432\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u043b\u0430\u0431\u044b\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u0445\u044d\u0448-\u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0445\u0440\u0430\u043d\u044f\u0449\u0438\u0435\u0441\u044f \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 cookie ('litespeed_hash' \u0438 'litespeed_flash_hash').\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u044d\u0442\u0438 \u0445\u0435\u0448\u0438 \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0441 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0439 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u043e\u0441\u0442\u044c\u044e, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0438\u0445 \u043f\u0440\u0435\u0434\u0441\u043a\u0430\u0437\u0443\u0435\u043c\u044b\u043c\u0438 \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0445\u0435\u0448-\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u0438\u043c\u0435\u044e\u0442 \u0434\u043b\u0438\u043d\u0443 32 \u0441\u0438\u043c\u0432\u043e\u043b\u0430, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u0435\u0440\u0435\u0431\u0440\u0430\u0442\u044c \u0438\u0445 \u0432 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u0445 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430 \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u0439.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0441\u044c \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u043c\u0438\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0440\u043e\u043b\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, \u0447\u0442\u043e \u043e\u0437\u043d\u0430\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u043e\u043d \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043f\u043b\u0430\u0433\u0438\u043d\u044b \u0438\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e, \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c \u0431\u0430\u0437\u0430\u043c \u0434\u0430\u043d\u043d\u044b\u0445, \u0440\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b \u0438 \u043f\u0440.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0442\u0430\u0439\u0432\u0430\u043d\u044c\u0441\u043a\u0438\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 Patchstack 23 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0439 \u0434\u0435\u043d\u044c \u0441\u0432\u044f\u0437\u0430\u043b\u0430\u0441\u044c \u0441 \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439 LiteSpeed.\n\n\u041f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0440\u0430\u0431\u043e\u0447\u0438\u0439 PoC, \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0449\u0438\u0439 \u0440\u0435\u0430\u043b\u0438\u0441\u0442\u0438\u0447\u043d\u044b\u0439 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0431\u044b\u043b \u0433\u043e\u0442\u043e\u0432 \u043a 10 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u0438 \u043f\u0435\u0440\u0435\u0434\u0430\u043d LiteSpeed \u0434\u043b\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0433\u043e \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u0438\u044f.\n\n17 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a LiteSpeed Technologies \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f CVE-2024-50550 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 6.5.2 \u043f\u043b\u0430\u0433\u0438\u043d\u0430, \u0443\u043b\u0443\u0447\u0448\u0438\u0432 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u043e\u0441\u0442\u044c \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0439 \u0445\u044d\u0448-\u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0438 \u0441\u0434\u0435\u043b\u0430\u0432 \u0438\u0445 \u043f\u043e\u0434\u0431\u043e\u0440 \u043c\u0435\u0442\u043e\u0434\u043e\u043c \u043f\u0435\u0440\u0435\u0431\u043e\u0440\u0430 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e\u00a0\u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0435 WordPress, \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043e \u043e\u043a\u043e\u043b\u043e 2 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u043e\u0432, \u043d\u043e \u0442\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0435\u0449\u0435 4 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430 \u0441\u0430\u0439\u0442\u043e\u0432 \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438.", "creation_timestamp": "2024-11-01T18:05:05.000000Z"}</description>
      <content:encoded>{"uuid": "55cc639b-36c3-4330-82b0-f9669dafd0f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6387", "content": "Patchstack \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u043c \u043f\u043b\u0430\u0433\u0438\u043d\u0435 LiteSpeed Cache WordPress \u0441 \u0448\u0435\u0441\u0442\u044c\u044e \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430\u043c\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043e\u043a, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u0441\u0435\u0442\u0438\u0442\u0435\u043b\u044f\u043c \u0441\u0430\u0439\u0442\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\nCVE-2024-50550 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0441\u043b\u0430\u0431\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0445\u044d\u0448\u0430 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u00ab\u0441\u0438\u043c\u0443\u043b\u044f\u0446\u0438\u0438 \u0440\u043e\u043b\u0435\u0439\u00bb \u043f\u043b\u0430\u0433\u0438\u043d\u0430, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u043e\u0439 \u0434\u043b\u044f \u0438\u043c\u0438\u0442\u0430\u0446\u0438\u0438 \u0440\u043e\u043b\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044f \u0441\u043a\u0430\u043d\u0435\u0440\u0443 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0430\u0439\u0442\u044b \u0441 \u0440\u0430\u0437\u043d\u044b\u0445 \u0443\u0440\u043e\u0432\u043d\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u0424\u0443\u043d\u043a\u0446\u0438\u044f ('is_role_simulation()') \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u0434\u0432\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u043b\u0430\u0431\u044b\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u0445\u044d\u0448-\u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0445\u0440\u0430\u043d\u044f\u0449\u0438\u0435\u0441\u044f \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 cookie ('litespeed_hash' \u0438 'litespeed_flash_hash').\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u044d\u0442\u0438 \u0445\u0435\u0448\u0438 \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0441 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0439 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u043e\u0441\u0442\u044c\u044e, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0438\u0445 \u043f\u0440\u0435\u0434\u0441\u043a\u0430\u0437\u0443\u0435\u043c\u044b\u043c\u0438 \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0445\u0435\u0448-\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u0438\u043c\u0435\u044e\u0442 \u0434\u043b\u0438\u043d\u0443 32 \u0441\u0438\u043c\u0432\u043e\u043b\u0430, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u0435\u0440\u0435\u0431\u0440\u0430\u0442\u044c \u0438\u0445 \u0432 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u0445 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430 \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u0439.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0441\u044c \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u043c\u0438\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0440\u043e\u043b\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, \u0447\u0442\u043e \u043e\u0437\u043d\u0430\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u043e\u043d \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043f\u043b\u0430\u0433\u0438\u043d\u044b \u0438\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e, \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c \u0431\u0430\u0437\u0430\u043c \u0434\u0430\u043d\u043d\u044b\u0445, \u0440\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b \u0438 \u043f\u0440.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0442\u0430\u0439\u0432\u0430\u043d\u044c\u0441\u043a\u0438\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 Patchstack 23 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0439 \u0434\u0435\u043d\u044c \u0441\u0432\u044f\u0437\u0430\u043b\u0430\u0441\u044c \u0441 \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439 LiteSpeed.\n\n\u041f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0440\u0430\u0431\u043e\u0447\u0438\u0439 PoC, \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0449\u0438\u0439 \u0440\u0435\u0430\u043b\u0438\u0441\u0442\u0438\u0447\u043d\u044b\u0439 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0431\u044b\u043b \u0433\u043e\u0442\u043e\u0432 \u043a 10 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u0438 \u043f\u0435\u0440\u0435\u0434\u0430\u043d LiteSpeed \u0434\u043b\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0433\u043e \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u0438\u044f.\n\n17 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a LiteSpeed Technologies \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f CVE-2024-50550 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 6.5.2 \u043f\u043b\u0430\u0433\u0438\u043d\u0430, \u0443\u043b\u0443\u0447\u0448\u0438\u0432 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u043e\u0441\u0442\u044c \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0439 \u0445\u044d\u0448-\u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0438 \u0441\u0434\u0435\u043b\u0430\u0432 \u0438\u0445 \u043f\u043e\u0434\u0431\u043e\u0440 \u043c\u0435\u0442\u043e\u0434\u043e\u043c \u043f\u0435\u0440\u0435\u0431\u043e\u0440\u0430 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e\u00a0\u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0435 WordPress, \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043e \u043e\u043a\u043e\u043b\u043e 2 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u043e\u0432, \u043d\u043e \u0442\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0435\u0449\u0435 4 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430 \u0441\u0430\u0439\u0442\u043e\u0432 \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438.", "creation_timestamp": "2024-11-01T18:05:05.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/55cc639b-36c3-4330-82b0-f9669dafd0f1/export</guid>
      <pubDate>Fri, 01 Nov 2024 18:05:05 +0000</pubDate>
    </item>
    <item>
      <title>9af75a68-e323-4144-9156-c9ee5ded8303</title>
      <link>https://vulnerability.circl.lu/sighting/9af75a68-e323-4144-9156-c9ee5ded8303/export</link>
      <description>{"uuid": "9af75a68-e323-4144-9156-c9ee5ded8303", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "Telegram/1tDohlDRxlW9GcuUW-kyNgehcBffUtqOzF6f6wGoxYUBGg", "content": "", "creation_timestamp": "2024-10-31T15:45:04.000000Z"}</description>
      <content:encoded>{"uuid": "9af75a68-e323-4144-9156-c9ee5ded8303", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "Telegram/1tDohlDRxlW9GcuUW-kyNgehcBffUtqOzF6f6wGoxYUBGg", "content": "", "creation_timestamp": "2024-10-31T15:45:04.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/9af75a68-e323-4144-9156-c9ee5ded8303/export</guid>
      <pubDate>Thu, 31 Oct 2024 15:45:04 +0000</pubDate>
    </item>
    <item>
      <title>f6851073-8a08-4911-8341-fbcb83768440</title>
      <link>https://vulnerability.circl.lu/sighting/f6851073-8a08-4911-8341-fbcb83768440/export</link>
      <description>{"uuid": "f6851073-8a08-4911-8341-fbcb83768440", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://t.me/KomunitiSiber/2796", "content": "LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites\nhttps://thehackernews.com/2024/10/litespeed-cache-plugin-vulnerability.html\n\nA high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could allow an unauthenticated threat actor to elevate their privileges and perform malicious actions.\nThe vulnerability, tracked as CVE-2024-50550 (CVSS score: 8.1), has been addressed in version 6.5.2 of the plugin.\n\"The plugin suffers from an unauthenticated privilege escalation vulnerability", "creation_timestamp": "2024-10-31T14:38:57.000000Z"}</description>
      <content:encoded>{"uuid": "f6851073-8a08-4911-8341-fbcb83768440", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://t.me/KomunitiSiber/2796", "content": "LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites\nhttps://thehackernews.com/2024/10/litespeed-cache-plugin-vulnerability.html\n\nA high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could allow an unauthenticated threat actor to elevate their privileges and perform malicious actions.\nThe vulnerability, tracked as CVE-2024-50550 (CVSS score: 8.1), has been addressed in version 6.5.2 of the plugin.\n\"The plugin suffers from an unauthenticated privilege escalation vulnerability", "creation_timestamp": "2024-10-31T14:38:57.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/f6851073-8a08-4911-8341-fbcb83768440/export</guid>
      <pubDate>Thu, 31 Oct 2024 14:38:57 +0000</pubDate>
    </item>
    <item>
      <title>3e240d4c-4c7d-4b32-9670-5e283f95d737</title>
      <link>https://vulnerability.circl.lu/sighting/3e240d4c-4c7d-4b32-9670-5e283f95d737/export</link>
      <description>{"uuid": "3e240d4c-4c7d-4b32-9670-5e283f95d737", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "Telegram/KAyxnLwub2S5esNe6eQov9MLPOJuyw2DYTEnDXQvgPxAOw", "content": "", "creation_timestamp": "2024-10-31T12:36:34.000000Z"}</description>
      <content:encoded>{"uuid": "3e240d4c-4c7d-4b32-9670-5e283f95d737", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "Telegram/KAyxnLwub2S5esNe6eQov9MLPOJuyw2DYTEnDXQvgPxAOw", "content": "", "creation_timestamp": "2024-10-31T12:36:34.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3e240d4c-4c7d-4b32-9670-5e283f95d737/export</guid>
      <pubDate>Thu, 31 Oct 2024 12:36:34 +0000</pubDate>
    </item>
    <item>
      <title>04035e3d-e1f3-43f0-adf9-4bac4183276e</title>
      <link>https://vulnerability.circl.lu/sighting/04035e3d-e1f3-43f0-adf9-4bac4183276e/export</link>
      <description>{"uuid": "04035e3d-e1f3-43f0-adf9-4bac4183276e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://t.me/thehackernews/5812", "content": "High-severity CVE-2024-50550 #vulnerability in LiteSpeed Cache plugin allows unauthorized access, highlighting critical security implications for WordPress users. \n \nRead: https://thehackernews.com/2024/10/litespeed-cache-plugin-vulnerability.html", "creation_timestamp": "2024-10-31T11:28:26.000000Z"}</description>
      <content:encoded>{"uuid": "04035e3d-e1f3-43f0-adf9-4bac4183276e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://t.me/thehackernews/5812", "content": "High-severity CVE-2024-50550 #vulnerability in LiteSpeed Cache plugin allows unauthorized access, highlighting critical security implications for WordPress users. \n \nRead: https://thehackernews.com/2024/10/litespeed-cache-plugin-vulnerability.html", "creation_timestamp": "2024-10-31T11:28:26.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/04035e3d-e1f3-43f0-adf9-4bac4183276e/export</guid>
      <pubDate>Thu, 31 Oct 2024 11:28:26 +0000</pubDate>
    </item>
  </channel>
</rss>
