Title: Vulnerabilities Notification
Last modified: September 17, 2024

---

# Vulnerabilities Notification

 *  Resolved [UmbrellaWeb](https://wordpress.org/support/users/umbrellaweb/)
 * (@umbrellaweb)
 * [1 year, 9 months ago](https://wordpress.org/support/topic/vulnerabilities-notification/)
 * Hi There,
 * Due to the multiple issues with the current version (some sites it just doesnt
   work!) we are using an older version which works greate, v5.7.0.1.
 * The sites using this version ae getting pushed nitifcations:
 * > Vulnerabilities have been discovered in your installed version of the LiteSpeed
   > Cache plugin. Please update to the latest version (v6.5+) as soon as possible.
 * From our understanding the v5.7.0.1 is a patched version according too: [https://wordpress.org/support/topic/litespeed-plugin-vulnerability-puts-5-million-sites-at-risk/](https://wordpress.org/support/topic/litespeed-plugin-vulnerability-puts-5-million-sites-at-risk/)
   SO why are these notifcations being pushed to sites on the plugin page?
 * Is there a** NEW vulnerability**?????? this: [https://www.rewterz.com/threat-advisory/critical-vulnerability-discovered-in-wordpress-litespeed-cache-plugin](https://www.rewterz.com/threat-advisory/critical-vulnerability-discovered-in-wordpress-litespeed-cache-plugin)
   states that there is a NEW issue if you use the debug.log (which we do/are not)
   but neverthless… is that correct???
 * IF so, its not realistic to move to the newer (and IMHO buggier 6.5+ versions)
   for some sites as it just kills site speeed. Will a patch be release for older
   patched versions???

Viewing 6 replies - 1 through 6 (of 6 total)

 *  Plugin Support [qtwrk](https://wordpress.org/support/users/qtwrk/)
 * (@qtwrk)
 * [1 year, 9 months ago](https://wordpress.org/support/topic/vulnerabilities-notification/#post-18020199)
 * yes, it’s different issue
 * if you can not ugprade , then please put this rule at top of your .htaccess
 *     ```wp-block-code
       RewriteEngine OnRewriteCond %{HTTP_COOKIE} litespeed_role [NC]RewriteRule ^ - [F,L]
       ```
   
 * this will block the attack vector even without upgrade the plugin
 *  Thread Starter [UmbrellaWeb](https://wordpress.org/support/users/umbrellaweb/)
 * (@umbrellaweb)
 * [1 year, 9 months ago](https://wordpress.org/support/topic/vulnerabilities-notification/#post-18022284)
 * [@qtwrk](https://wordpress.org/support/users/qtwrk/) many thanks for the super
   quick response.
 * On another note, concerning that this i second (from what i can tell) vulnerabilitiy
   in the last year of the cache plugin never had this issue with other cache plugins
   we used in the past. hoping this is not going to be a regular occurence….
 *  Thread Starter [UmbrellaWeb](https://wordpress.org/support/users/umbrellaweb/)
 * (@umbrellaweb)
 * [1 year, 8 months ago](https://wordpress.org/support/topic/vulnerabilities-notification/#post-18030992)
 * [@qtwrk](https://wordpress.org/support/users/qtwrk/) implemented the code that
   you gave which seems to work BUT still getting the notification popups even though
   we dismissed them. Happening on all the sites using the old version even after
   being dismissed…
 *  Thread Starter [UmbrellaWeb](https://wordpress.org/support/users/umbrellaweb/)
 * (@umbrellaweb)
 * [1 year, 8 months ago](https://wordpress.org/support/topic/vulnerabilities-notification/#post-18047835)
 * any update on this please?
 *  Plugin Support [qtwrk](https://wordpress.org/support/users/qtwrk/)
 * (@qtwrk)
 * [1 year, 8 months ago](https://wordpress.org/support/topic/vulnerabilities-notification/#post-18050621)
 * you still seeing the notification ?
 * please create a ticket by mail to `support at litespeedtech.com` with reference
   link to this topic , we will investigate further.
 *  Thread Starter [UmbrellaWeb](https://wordpress.org/support/users/umbrellaweb/)
 * (@umbrellaweb)
 * [1 year, 8 months ago](https://wordpress.org/support/topic/vulnerabilities-notification/#post-18051609)
 * ok. will send them an email and post update …

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘Vulnerabilities Notification’ is closed to new replies.

 * ![](https://ps.w.org/litespeed-cache/assets/icon-256x256.png?rev=2554181)
 * [LiteSpeed Cache](https://wordpress.org/plugins/litespeed-cache/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/litespeed-cache/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/litespeed-cache/)
 * [Active Topics](https://wordpress.org/support/plugin/litespeed-cache/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/litespeed-cache/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/litespeed-cache/reviews/)

 * 6 replies
 * 2 participants
 * Last reply from: [UmbrellaWeb](https://wordpress.org/support/users/umbrellaweb/)
 * Last activity: [1 year, 8 months ago](https://wordpress.org/support/topic/vulnerabilities-notification/#post-18051609)
 * Status: resolved