Emil Kylander

**Name of the Vulnerable Software and Affected Versions** LiteSpeed Cache WordPress plugin versions prior to 4.4.4 **Description** The issue is related to a Reflected Cross-Site Scripting problem. It occurs because the `qc res` parameter is not properly escaped before being outputted back in the JavaScript code of an admin page. This allows for malicious scripts to be injected. **Recommendations** For versions prior to 4.4.4, update to version 4.4.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the admin page where the `qc res` parameter is used until a patch is applied. Avoid using the `qc res` parameter in the affected JavaScript code until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** LiteSpeed Cache WordPress plugin versions prior to 4.4.4 **Description** The issue arises from the plugin not properly verifying requests from QUIC.cloud servers, allowing attackers to make requests to certain endpoints by using a specific `X-Forwarded-For` header value. Additionally, an endpoint can be used to set CSS code if a setting is enabled, which will then be output in some pages without being sanitized and escaped. This can be exploited by an unauthenticated attacker to put Cross-Site Scripting payloads in pages visited by users. **Recommendations** For versions prior to 4.4.4, update to version 4.4.4 or later to resolve the issue. As a temporary workaround, consider disabling the setting that enables CSS code injection until a patch is available. Restrict access to the vulnerable endpoints to minimize the risk of exploitation. Avoid using the `X-Forwarded-For` header value in the affected API endpoints until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Maintenance WordPress plugin versions prior to 4.03 **Description** The issue allows high privilege users, such as admins, to inject Cross-Site Scripting payload in some of the plugin's settings, even when the unfiltered html capability is disallowed. This payload will be triggered in the frontend. **Recommendations** For Maintenance WordPress plugin versions prior to 4.03, update to version 4.03 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin's settings for high privilege users until the update is applied.