Litespeedtech Litespeed Cache
5 CVEs affecting Litespeedtech Litespeed Cache. Latest disclosed: 2026-05-27. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-3375 | High | 7.2 | 2026-05-27 | The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the /wp-json/litespeed/v1/notify_ccss and /wp-json/litespeed/v1/notif… |
CVE-2023-4372 | Medium | 6.4 | 2024-01-11 | The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'esi' shortcode in versions up to, and including, 5.6 due to insu… |
CVE-2025-12450 | Medium | 6.1 | 2025-10-29 | The LiteSpeed Cache plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URLs in all versions up to, and including, 7.5.0.1 due to insuffic… |
CVE-2024-3246 | Medium | 6.1 | 2024-07-24 | The LiteSpeed Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.2.0.1. This is due to missing or i… |
CVE-2024-9169 | Medium | 5.5 | 2024-09-25 | The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin debug settings in all versions up to, and including, 6.4.1 due… |