Vulnerabilities > Layerslider
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-04-03 | CVE-2024-2879 | SQL Injection vulnerability in Layerslider 7.10.0/7.9.11 The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.5 |
2023-11-22 | CVE-2023-47786 | Unspecified vulnerability in Layerslider Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LayerSlider plugin <= 7.7.9 versions. | 5.4 |