Excellent, but the cache exposes sensitive data… - [LiteSpeed Cache] Review | ww.wp.xz.cn

fersitio
(@fersitio)

2 years, 8 months ago

The plugin is excellent and helps to make your website faster, however, if you use a page with dynamic generation, be careful, because, from the tests I did, the cache stores and shows data that cannot be seen by users who should not have access to these data. Very dangerous!

Viewing 3 replies - 1 through 3 (of 3 total)

Plugin Support qtwrk
(@qtwrk)

2 years, 7 months ago

the plugin should vary the cache based on user login status with cookie

could you please explain a bit with more detail about your case , and how to reproduce the issue?

we will investigate it.

Thread Starter fersitio
(@fersitio)

2 years, 7 months ago

I’m using a combination of Toolset and Code Snippets plugins in a CPT page. If user is logged, PHP generate data to show in this page. Well, in a test, the data were showed for users not logged, after the user logged accessed the page. So, I disabled the cache.
Feel free to contact me by e-mail.

Plugin Support qtwrk
(@qtwrk)

2 years, 7 months ago

certainly, please create a ticket by mail to support at litespeedtech.com with reference link to this topic

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Excellent, but the cache exposes sensitive data…’ is closed to new replies.

3 replies
2 participants
Last reply from: qtwrk
Last activity: 2 years, 7 months ago