{"vulnerability": "CVE-2024-50550", "sightings": [{"uuid": "a3793051-6fcf-403d-9851-47cc76ab8eb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mihr42zloo2u", "content": "", "creation_timestamp": "2026-04-01T22:40:08.917367Z"}, {"uuid": "9bb73975-94d6-42d0-98b9-f12747255ecf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://t.me/cvedetector/9275", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50550 - LiteSpeed Technologies LiteSpeed Cache Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50550 \nPublished : Oct. 29, 2024, 10:15 a.m. | 39\u00a0minutes ago \nDescription : Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from n/a through 6.5.1. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T12:15:36.000000Z"}, {"uuid": "3e240d4c-4c7d-4b32-9670-5e283f95d737", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "Telegram/KAyxnLwub2S5esNe6eQov9MLPOJuyw2DYTEnDXQvgPxAOw", "content": "", "creation_timestamp": "2024-10-31T12:36:34.000000Z"}, {"uuid": "9af75a68-e323-4144-9156-c9ee5ded8303", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "Telegram/1tDohlDRxlW9GcuUW-kyNgehcBffUtqOzF6f6wGoxYUBGg", "content": "", "creation_timestamp": "2024-10-31T15:45:04.000000Z"}, {"uuid": "f6851073-8a08-4911-8341-fbcb83768440", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://t.me/KomunitiSiber/2796", "content": "LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites\nhttps://thehackernews.com/2024/10/litespeed-cache-plugin-vulnerability.html\n\nA high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could allow an unauthenticated threat actor to elevate their privileges and perform malicious actions.\nThe vulnerability, tracked as CVE-2024-50550 (CVSS score: 8.1), has been addressed in version 6.5.2 of the plugin.\n\"The plugin suffers from an unauthenticated privilege escalation vulnerability", "creation_timestamp": "2024-10-31T14:38:57.000000Z"}, {"uuid": "55cc639b-36c3-4330-82b0-f9669dafd0f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6387", "content": "Patchstack \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u043c \u043f\u043b\u0430\u0433\u0438\u043d\u0435 LiteSpeed Cache WordPress \u0441 \u0448\u0435\u0441\u0442\u044c\u044e \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430\u043c\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043e\u043a, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u0441\u0435\u0442\u0438\u0442\u0435\u043b\u044f\u043c \u0441\u0430\u0439\u0442\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\nCVE-2024-50550 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0441\u043b\u0430\u0431\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0445\u044d\u0448\u0430 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u00ab\u0441\u0438\u043c\u0443\u043b\u044f\u0446\u0438\u0438 \u0440\u043e\u043b\u0435\u0439\u00bb \u043f\u043b\u0430\u0433\u0438\u043d\u0430, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u043e\u0439 \u0434\u043b\u044f \u0438\u043c\u0438\u0442\u0430\u0446\u0438\u0438 \u0440\u043e\u043b\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044f \u0441\u043a\u0430\u043d\u0435\u0440\u0443 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0430\u0439\u0442\u044b \u0441 \u0440\u0430\u0437\u043d\u044b\u0445 \u0443\u0440\u043e\u0432\u043d\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u0424\u0443\u043d\u043a\u0446\u0438\u044f ('is_role_simulation()') \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u0434\u0432\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u043b\u0430\u0431\u044b\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u0445\u044d\u0448-\u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0445\u0440\u0430\u043d\u044f\u0449\u0438\u0435\u0441\u044f \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 cookie ('litespeed_hash' \u0438 'litespeed_flash_hash').\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u044d\u0442\u0438 \u0445\u0435\u0448\u0438 \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0441 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0439 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u043e\u0441\u0442\u044c\u044e, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0438\u0445 \u043f\u0440\u0435\u0434\u0441\u043a\u0430\u0437\u0443\u0435\u043c\u044b\u043c\u0438 \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0445\u0435\u0448-\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u0438\u043c\u0435\u044e\u0442 \u0434\u043b\u0438\u043d\u0443 32 \u0441\u0438\u043c\u0432\u043e\u043b\u0430, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u0435\u0440\u0435\u0431\u0440\u0430\u0442\u044c \u0438\u0445 \u0432 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u0445 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430 \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u0439.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0441\u044c \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u043c\u0438\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0440\u043e\u043b\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, \u0447\u0442\u043e \u043e\u0437\u043d\u0430\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u043e\u043d \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043f\u043b\u0430\u0433\u0438\u043d\u044b \u0438\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e, \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c \u0431\u0430\u0437\u0430\u043c \u0434\u0430\u043d\u043d\u044b\u0445, \u0440\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b \u0438 \u043f\u0440.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0442\u0430\u0439\u0432\u0430\u043d\u044c\u0441\u043a\u0438\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 Patchstack 23 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0439 \u0434\u0435\u043d\u044c \u0441\u0432\u044f\u0437\u0430\u043b\u0430\u0441\u044c \u0441 \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439 LiteSpeed.\n\n\u041f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0440\u0430\u0431\u043e\u0447\u0438\u0439 PoC, \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0449\u0438\u0439 \u0440\u0435\u0430\u043b\u0438\u0441\u0442\u0438\u0447\u043d\u044b\u0439 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0431\u044b\u043b \u0433\u043e\u0442\u043e\u0432 \u043a 10 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u0438 \u043f\u0435\u0440\u0435\u0434\u0430\u043d LiteSpeed \u0434\u043b\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0433\u043e \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u0438\u044f.\n\n17 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a LiteSpeed Technologies \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f CVE-2024-50550 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 6.5.2 \u043f\u043b\u0430\u0433\u0438\u043d\u0430, \u0443\u043b\u0443\u0447\u0448\u0438\u0432 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u043e\u0441\u0442\u044c \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0439 \u0445\u044d\u0448-\u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0438 \u0441\u0434\u0435\u043b\u0430\u0432 \u0438\u0445 \u043f\u043e\u0434\u0431\u043e\u0440 \u043c\u0435\u0442\u043e\u0434\u043e\u043c \u043f\u0435\u0440\u0435\u0431\u043e\u0440\u0430 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e\u00a0\u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0435 WordPress, \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043e \u043e\u043a\u043e\u043b\u043e 2 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u043e\u0432, \u043d\u043e \u0442\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0435\u0449\u0435 4 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430 \u0441\u0430\u0439\u0442\u043e\u0432 \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438.", "creation_timestamp": "2024-11-01T18:05:05.000000Z"}, {"uuid": "04035e3d-e1f3-43f0-adf9-4bac4183276e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://t.me/thehackernews/5812", "content": "High-severity CVE-2024-50550 #vulnerability in LiteSpeed Cache plugin allows unauthorized access, highlighting critical security implications for WordPress users. \n \nRead: https://thehackernews.com/2024/10/litespeed-cache-plugin-vulnerability.html", "creation_timestamp": "2024-10-31T11:28:26.000000Z"}, {"uuid": "fdee35bf-cac1-404f-bdbe-73e53c086159", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://t.me/brutsecurity/1047", "content": "CVE-2024-50550: Privilege Escalation in LiteSpeed Cache WP Plugin, 8.1 rating \ud83d\udd25\n\nWeak security hash verification vulnerability allows an attacker to gain administrative privileges.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/A60iV\n\ud83d\udc49 Dork: http.body:\"plugins/litespeed-cache\"\n\nRead more: https://patchstack.com/articles/rare-case-of-privilege-escalation-patched-in-litespeed-cache-plugin/", "creation_timestamp": "2026-07-09T03:00:12.112991Z"}, {"uuid": "03b3e91f-d167-4876-8d5a-d655551093aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://t.me/brutsecurity/1047", "content": "CVE-2024-50550: Privilege Escalation in LiteSpeed Cache WP Plugin, 8.1 rating \ud83d\udd25\n\nWeak security hash verification vulnerability allows an attacker to gain administrative privileges.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/A60iV\n\ud83d\udc49 Dork: http.body:\"plugins/litespeed-cache\"\n\nRead more: https://patchstack.com/articles/rare-case-of-privilege-escalation-patched-in-litespeed-cache-plugin/", "creation_timestamp": "2026-07-10T01:00:10.768015Z"}, {"uuid": "c870928b-13db-4354-8a21-7a8e083827ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://t.me/brutsecurity/1047", "content": "CVE-2024-50550: Privilege Escalation in LiteSpeed Cache WP Plugin, 8.1 rating \ud83d\udd25\n\nWeak security hash verification vulnerability allows an attacker to gain administrative privileges.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/A60iV\n\ud83d\udc49 Dork: http.body:\"plugins/litespeed-cache\"\n\nRead more: https://patchstack.com/articles/rare-case-of-privilege-escalation-patched-in-litespeed-cache-plugin/", "creation_timestamp": "2026-07-11T17:00:04.610332Z"}, {"uuid": "31e4c33f-567d-42a7-8b59-17ee29802e4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50550", "type": "seen", "source": "https://t.me/brutsecurity/1047", "content": "CVE-2024-50550: Privilege Escalation in LiteSpeed Cache WP Plugin, 8.1 rating \ud83d\udd25\n\nWeak security hash verification vulnerability allows an attacker to gain administrative privileges.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/A60iV\n\ud83d\udc49 Dork: http.body:\"plugins/litespeed-cache\"\n\nRead more: https://patchstack.com/articles/rare-case-of-privilege-escalation-patched-in-litespeed-cache-plugin/", "creation_timestamp": "2026-07-12T00:00:45.441602Z"}]}