Connect with us

    Hi, what are you looking for?

    Tech

    Beware: Hackers Now Exploit LiteSpeed Plugin to take Control of your Website – NITDA warns WordPress users in Nigeria – Ravenewsonline

    DG NITDA

    National Information Technology Development Agency, NITDA has alerted WordPress users in Nigeria about a new vulnerability called CVE-2024-28000, affecting over 5 million websites globally.

     

    The agency gave the warning through a Facebook post on Monday warning WordPress users to be weary of LiteSpeed Cache plugin, noting that it’s a tool many people are using to speed up their websites.

    NITDA noted that Hackers can exploit this plugin to potentially take full control of users website.

    Read Also: Beware of these Malicious Android Apps Stealing Your Sensitive Information – NITDA warns Nigerians 

    The warning stated that the vulnerability lies in the plugin’s “role simulation” feature, which gives cybercriminals admin access to your site without needing a password.

    “Once they’re in, they can install malicious plugins, steal your data, or even redirect visitors to sketchy websites. It’s a huge deal, and you don’t want to be on the receiving end of this.

    “To make things worse, the attack is easy for hackers to pull off, thanks to a weak hash function and the simplicity of the exploit. They can brute force their way in or use exposed debug logs to grab admin rights. If your site gets hit, you could be dealing with data theft, site defacement, or worse, your visitors being sent to dodgy websites.

    But don’t freak out just yet — there’s something you can do! NITDA recommends you update the LiteSpeed Cache plugin to the latest version (6.4.1) ASAP. You can do this in your WordPress dashboard under “Plugins.”

    Also, turn off debugging on live sites (it can expose sensitive info) and regularly check your plugin settings for risks.

    Read Also: We bought NIN slips of Bosun Tijani, NITDA boss for N100 each — Paradigm Initiative

    While LiteSpeed Cache helps boost your site speed, it has had its share of vulnerabilities in the past, from cross-site scripting to privilege escalation.

    The key to staying safe?

    Keep everything updated and stay alert for any security warnings. So, if you have not already, go update that plugin right now — your website’s safety depends on it!

    Spread the love
    Click to comment

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    ad

    You May Also Like

    News

    The Enugu State Government has accused Olasijibomi Ogundele, CEO of Sujimoto Luxury Construction Limited, of defrauding the state of N5.7 billion paid for the...

    Broadcasting

    Gauteng High Court, Johannesburg, has awarded damages of more than R2.6 million to the girlfriend of a Nigerian citizen who was suffocated to d3ath...

    E-Financial

    The Bank of Ghana (BoG) has announced the suspension of the foreign exchange trading licence of United Bank for Africa (UBA) Ghana, effective September...

    E-Financial

    The Bank of Ghana (BoG) has suspended the remittance partnerships of several fintech companies including Flutterwave, Tap Tap Send, and others for a period...