CVE-2023-40000 PoC — WordPress LiteSpeed Cache plugin <= 5.7 - Unauthenticated Site Wide Stored XSS vulnerability

Source

https://github.com/rxerium/CVE-2023-40000

Associated Vulnerability

Title:WordPress LiteSpeed Cache plugin <= 5.7 - Unauthenticated Site Wide Stored XSS vulnerability (CVE-2023-40000)
Description:Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through 5.7.

Description

LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges

Readme

# CVE-2023-40000
LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges

 ## How does this detection method work?

 This template looks at the following path: `/wp-content/plugins/litespeed-cache/readme.txt`

 Based on the `Stable Tag` listed, if the version is prior to `5.7.0.1` then it is considered to be vulnerable. 

 ## How do I run this template?

1. Download Nuclei from [here](https://github.com/projectdiscovery/nuclei)
2. Copy the template to your local system
3. Run the following command: `nuclei -u https://yourHost.com -t <file.yaml>` 

## References

- https://thehackernews.com/2024/02/wordpress-litespeed-plugin.html
- https://wordpress.org/plugins/litespeed-cache


## Disclaimer

Use at your own risk, I will not be responsible for illegal activities you conduct on infrastructure you do not own or have permission to scan.

File Snapshot


 [4.0K]  /data/pocs/a089420e8d1b8775ddc7783d314a44167cd61edb
├── [1.4K]  CVE-2023-40000.yaml
└── [ 896]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!