Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
layerslider vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2024-2879
The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...
Layerslider Layerslider 7.10.0
Layerslider Layerslider 7.9.11
2 Github repositories
1 Article
5.4
CVSSv3
CVE-2023-47786
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LayerSlider plugin <= 7.7.9 versions.
Layerslider Layerslider
8.8
CVSSv3
CVE-2023-47785
Cross-Site Request Forgery (CSRF) vulnerability in LayerSlider plugin <= 7.7.9 versions.
Kreaturamedia Layerslider
4.8
CVSSv3
CVE-2022-1153
The LayerSlider WordPress plugin prior to 7.1.2 does not sanitise and escape Project's slug before outputting it back in various place, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed
Layslider Layslider
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started