Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites
April 3, 2024 at 09:18AM A critical SQL injection vulnerability in the LayerSlider plugin, tracked as CVE-2024-2879 with a CVSS score of 9.8, allows unauthenticated attackers to extract sensitive information from website databases. The issue was reported through Defiant’s bug bounty program, and a $5,500 reward was given to the reporting researcher. Users are advised … Read more