LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges
This template looks at the following path: /wp-content/plugins/litespeed-cache/readme.txt
Based on the Stable Tag listed, if the version is prior to 5.7.0.1 then it is considered to be vulnerable.
- Download Nuclei from here
- Copy the template to your local system
- Run the following command:
nuclei -u https://yourHost.com -t <file.yaml>
- https://thehackernews.com/2024/02/wordpress-litespeed-plugin.html
- https://wordpress.org/plugins/litespeed-cache
Use at your own risk, I will not be responsible for illegal activities you conduct on infrastructure you do not own or have permission to scan.