CVE-2023-45000

Missing Authorization vulnerability in LiteSpeed Technologies LiteSpeed Cache.This issue affects LiteSpeed Cache: from n/a through 5.7.

CVSS v3.0 5.3 MEDIUM

5.3^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://patchstack.com/database/vulnerability/litespeed-cache/wordpress-litespeed-cache-plugin-5-7-unauthenticated-broken-access-control-on-api-vulnerability?_s_id=cve	Third Party Advisory
https://patchstack.com/database/vulnerability/litespeed-cache/wordpress-litespeed-cache-plugin-5-7-unauthenticated-broken-access-control-on-api-vulnerability?_s_id=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:litespeedtech:litespeed_cache:*:*:*:*:*:wordpress:*:*

History

06 Mar 2025, 15:00

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.3
References	~~() https://patchstack.com/database/vulnerability/litespeed-cache/wordpress-litespeed-cache-plugin-5-7-unauthenticated-broken-access-control-on-api-vulnerability?_s_id=cve -~~	() https://patchstack.com/database/vulnerability/litespeed-cache/wordpress-litespeed-cache-plugin-5-7-unauthenticated-broken-access-control-on-api-vulnerability?_s_id=cve - Third Party Advisory
First Time		Litespeedtech Litespeedtech litespeed Cache
CPE		cpe:2.3:a:litespeedtech:litespeed_cache::::::wordpress::*
CWE	~~CWE-862~~

16 Apr 2024, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-04-16 18:15

Updated : 2025-03-06 15:00

NVD link : CVE-2023-45000

Mitre link : CVE-2023-45000

JSON object : View

Products Affected

litespeedtech

litespeed_cache

CWE

No CWE.

5.3 /10