CVE Tools

litespeed technologies

Networking InfrastructureUScommercial

8

Cumulative CVEs

2

Monthly snapshots

#145

Peak rank

Top products

litespeed cache5 litespeed cache for wordpress (lscwp)1

Latest CVEs

The 15 most recently published vulnerabilities affecting litespeed technologies.

CVE-2026-54420LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running C...KEV8.5Jun 14, 2026
CVE-2026-48172LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpanel_jso...KEV9.8May 21, 2026
CVE-2026-31386OpenLiteSpeed and LSWS Enterprise provided by LiteSpeed Technologies contain an OS command injection vulnerability. An arbitrary OS command may be executed by an attacker with the administrative pr...7.2Mar 16, 2026
CVE-2024-51915WordPress LiteSpeed Cache plugin <= 6.5.2 - Cross Site Scripting (XSS) vulnerability6.5Feb 20, 2026
CVE-2021-47855Openlitespeed 1.7.9 - 'Notes' Stored Cross-Site Scripting7.2Jan 21, 2026
CVE-2025-47437WordPress LiteSpeed Cache plugin <= 7.0.1 - Server Side Request Forgery (SSRF) vulnerability6.4Sep 9, 2025
CVE-2024-50550WordPress LiteSpeed Cache plugin <= 6.5.1 - Privilege Escalation vulnerability8.1Oct 29, 2024
CVE-2024-44000WordPress LiteSpeed Cache plugin < 6.5.0.1 - Unauthenticated Account Takeover via Cookie Leak vulnerability9.8Oct 20, 2024
CVE-2024-47637WordPress LiteSpeed Cache plugin <= 6.4.1 - Path Traversal vulnerability8.8Oct 16, 2024
CVE-2024-47373WordPress LiteSpeed Cache plugin <= 6.5.0.2 - Cross Site Scripting (XSS) vulnerability6.5Oct 5, 2024
CVE-2024-47374WordPress LiteSpeed Cache plugin <= 6.5.0.2 - Cross Site Scripting (XSS) vulnerability7.1Oct 5, 2024
CVE-2024-28000WordPress LiteSpeed Cache plugin <= 6.3.0.1 - Unauthenticated Privilege Escalation vulnerability9.8Aug 21, 2024
CVE-2023-45000WordPress LiteSpeed Cache plugin <= 5.7 - Unauthenticated Broken Access Control on API vulnerability8.2Apr 16, 2024
CVE-2023-40000WordPress LiteSpeed Cache plugin <= 5.7 - Unauthenticated Site Wide Stored XSS vulnerability8.3Apr 16, 2024
CVE-2022-46800WordPress LiteSpeed Cache Plugin <= 5.3 is vulnerable to Cross Site Request Forgery (CSRF)5.4May 25, 2023