Debug feature writes cookies to file
https://www.bleepingcomputer.com/news/security/litespeed-cache-bug-exposes-6-million-wordpress-sites-to-takeover-attacks/
Yet, another critical severity vulnerability has been discovered in LiteSpeed Cache, a caching plugin for speeding up user browsing in over 6 million WordPress sites.
The flaw, tracked as CVE-2024-44000 and categorized as an unauthenticated account takeover issue, was discovered by Patchstack's Rafie Muhammad on August 22, 2024. A fix was made available yesterday with the release of LiteSpeed Cache version 6.5.0.1.