4 matches found
VulnCheck KEV: CVE-2024-2879
The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the lsgetpopupmarkup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated...
The vulnerability of the `ls_get_popup_markup()` function in the `assets/wp/actions.php` script of the LayerSlider plugin for the WordPress content management system allows a hacker to execute arbitrary SQL queries.
The vulnerability of the lsgetpopupmarkup function in the assets/wp/actions.php script of the LayerSlider plugin for the WordPress content management system is related to the lack of protection for the SQL query structure when processing the id parameter. Exploiting this vulnerability allows an...
CVE-2024-2879
The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the lsgetpopupmarkup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated...
WordPress Plugin LayerSlider SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...