Critical Security Flaw Found in Popular LayerSlider WordPress Plugin

A critical security flaw impacting the LayerSlider plugin for WordPress could be abused to extract sensitive information from databases, such as password hashes. The flaw, designated as CVE-2024-2879, carries a CVSS score of 9.8 out of a maximum of 10.0. It has been described as a case of SQL...

LayerSlider <= 6.2.0 - CSRF / Authenticated Stored XSS & SQL Injection

The LayerSlider WordPress plugin was affected by a CSRF / Authenticated Stored XSS & SQL Injection security vulnerability...