Million+ Websites at Risk: Urgent Update for LayerSlider Plugin Flaw CVE-2024-2879
April 4, 2024![Million+ Websites at Risk: Urgent Update for LayerSlider Plugin Flaw CVE-2024-2879](https://cdn.brief.news/images/stories/7ea089f01ce6631083ac40db89112d16a02ec07a15af660ca9a2b0b841158bacecb12112c0f060d8de8ef4aa5588300b4f821eeaeda740894708e477bc21dd03.jpg)
A high-severity SQL injection vulnerability, labeled CVE-2024-2879, has been identified in the LayerSlider WordPress plugin.
The vulnerability is critical, with a CVSS score of 9.8, and affects over one million websites.
Attackers can exploit the flaw to access sensitive site data, such as password hashes.
The affected versions of the plugin range from 7.9.11 to 7.10.0.
Security researcher AmrAwad discovered the issue, which was then promptly fixed by the Kreatura Team.
The incident highlights the broader security challenges posed by WordPress plugins.
Site owners must prioritize security by updating plugins, with an immediate recommendation to upgrade LayerSlider to version 7.10.1.
Summary based on 7 sources
Get a daily email with more Tech stories
Sources
![WordPress Security](https://cdn.brief.news/images/links/ebcf2a7f046cfeefad860aa44632954b3329988bc3059b67d70481f85b1d475ba35282d2578988baed198d653ee92093fe7e96fd9a13b8b114aadb5f93350df4.png)
DEV Community • Apr 2, 2024
WordPress Security![Another top WordPress plugin has a serious security flaw — patch now to keep your website safe](https://cdn.brief.news/images/links/ba14ce06aabe792b56cd08624a1999ce1e5feec909c30e2cd2fe5b2bc34208ad141ef63d902f21da4028ee215644531c6455f66a62d00c14088ecd3f745efa73.jpg)
TechRadar pro • Apr 3, 2024
Another top WordPress plugin has a serious security flaw — patch now to keep your website safe![Critical flaw in LayerSlider WordPress plugin impacts 1 million sites](https://cdn.brief.news/images/links/2468fd2cd70ae3709efafb6726f899489e83f0149081e517b58fad46379bb9099015799beaff98804dca4a8c3d69a81abe787176b8ab42544366afccb1e29eb3.jpg)
BleepingComputer • Apr 3, 2024
Critical flaw in LayerSlider WordPress plugin impacts 1 million sites![Critical Security Flaw Found in Popular LayerSlider WordPress Plugin](https://cdn.brief.news/images/links/168c3c7eeefde03bb465f59edb357ef125d057628130e35e53470401a3613dc0960a4dce90c8333c991f4ad5789e030ba3fb094bf3ee7ad35409f7fb050394e5.png)
The Hacker News • Apr 3, 2024
Critical Security Flaw Found in Popular LayerSlider WordPress Plugin