CVE-2020-29172
MEDIUM WAF: High
CVSS 6.1
Published: 2020-12-26
CWE-79
A cross-site scripting (XSS) vulnerability in the LiteSpeed Cache plugin before 3.6.1 for WordPress can be exploited via the Server IP setting.
WAF Coverage Analysis
Cross-Site Scripting (XSS)
High WAF Coverage
OWASP: A03:2021 Injection
941xxx - XSS / XXE
Affected Software
| Vendor | Product | Version |
|---|---|---|
| litespeedtech | litespeed_cache | up to 3.6.1 |
References
- wordpress.org (Third Party Advisory)
- www.litespeedtech.com (Product, Vendor Advisory)