Layerslider Security Vulnerabilities and Issues — Layerslider CVE List

Lucene search

KreaturamediaLayerslider

4 matches found

CVE•added 2022/04/25 4:16 p.m.•105 views

CVE-2022-1153

The LayerSlider WordPress plugin before 7.1.2 does not sanitise and escape Project's slug before outputting it back in various place, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed

4.8CVSS4.7AI score0.00214EPSS

CVE•added 2024/04/03 4:15 a.m.•91 views

CVE-2024-2879

The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated a...

9.8CVSS8.1AI score0.93545EPSS

CVE•added 2023/11/22 10:15 p.m.•81 views

CVE-2023-47786

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LayerSlider plugin

6.5CVSS6AI score0.00077EPSS

CVE•added 2023/11/22 7:15 p.m.•66 views

CVE-2023-47785

Cross-Site Request Forgery (CSRF) vulnerability in LayerSlider plugin

8.8CVSS7.9AI score0.00072EPSS