Vulnerabilities > Kreaturamedia > Layerslider > 7.9.11
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-03 | CVE-2024-2879 | SQL Injection vulnerability in Kreaturamedia Layerslider 7.10.0/7.9.11 The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.5 |