CVE-2023-40000

ENISA EUVD: EUVD-2023-44623 ↗
✓ Confirmed 0-Day
Triaged: March 20, 2026 · 3 articles · Published: 2024-04-16

EPSS Score

Source: FIRST.org · 2026-05-23
80.69%
probability
This CVE has an 80.69% probability of being exploited in the next 30 days.
Top 99.2th percentile of all CVEs

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)
8.3 HIGH
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: Low
Integrity: Low
Availability: Low
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

Description

VulnerabilityLookup (CNA)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS. This issue affects LiteSpeed Cache: from n/a through 5.7.

Affected Products

LiteSpeed Technologies
LiteSpeed Cache

Exploits & PoC

rxerium/CVE-2023-40000

LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges

7 2025-10-14
quantiom/litespeed-cache-xss-poc

PoC for XSS vulnerability in the LiteSpeed Cache WordPress plugin (CVE-2023-40000) allowing elevated privileges. Includes code, explanations, and miti

5 2024-05-12
iveresk/cve-2023-40000

That's a PoC of cve-2023-40000. Wordpress LiteSpeed Cache exploit.

1 2024-05-13
3 repos, sorted by ⭐ · Search on GitHub ↗

Signal Intelligence

Confidence: 78%
EPSS 80.69%
CVSS v3.1 8.3
Mentions 3

CNA Information

CNA Assigner: Patchstack
CNA Title: WordPress LiteSpeed Cache plugin <= 5.7 - Unauthenticated Site Wide Stored XSS vulnerability

Analyst Note

CVE-2023-40000 in LiteSpeed Cache is explicitly documented as actively exploited in the wild (rogue admin account creation by threat actors per WPScan/TheHackerNews). The vulnerability was patched in October 2023 (version 5.7.0.1), and exploitation reports appear contemporaneous with or immediately following patch availability, meeting zero-day exploitation criteria.

Threat Actors 3

TA577
apt_group 🇷🇺 RU
NARWHAL SPIDER
apt_group 🇷🇺 RU
Moskalvzapoe
apt_group 🇷🇺 RU

Triage Info

Decided at: Mar 20, 2026
Published Date: Apr 16, 2024