Critical Security Flaw Found in Popular LayerSlider WordPress Plugin | allinfosecnews.com

April 3, 2024, 5:11 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

A critical security flaw impacting the LayerSlider plugin for WordPress could be abused to extract sensitive information from databases, such as password hashes.
The flaw, designated as CVE-2024-2879, carries a CVSS score of 9.8 out of a maximum of 10.0. It has been described as a case of SQL injection impacting versions from 7.9.11 through 7.10.0.
The issue has been addressed in version

case critical cve cve-2024 cvss cvss score databases extract flaw found hashes information injection password plugin popular score security security flaw sensitive sensitive information sql sql injection wordpress wordpress plugin

More from thehackernews.com / The Hacker News

ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models 8 hours ago | thehackernews.com

address asus authentication authentication bypass +22

China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices 11 hours ago | thehackernews.com

actor adversary amp asia +21

What is DevSecOps and Why is it Essential for Secure Software Delivery? 12 hours ago | thehackernews.com

application application security delivery developers +16

Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor 17 hours ago | thehackernews.com

actor attack attack chain backdoor +23

NiceRAT Malware Targets South Korean Users via Cracked Software 18 hours ago | thehackernews.com

attacks botnet called cracked +19

U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain 1 day, 19 hours ago | thehackernews.com

arrested board called city +18

Grandoreiro Banking Trojan Hits Brazil as Smishing Scams Surge in Pakistan 2 days, 13 hours ago | thehackernews.com

actor banking banking trojan beyond +23

Pakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber Attacks 2 days, 15 hours ago | thehackernews.com

actor adversary attacks called +26

Meta Halts AI Training on EU User Data Amid Privacy Concerns 2 days, 15 hours ago | thehackernews.com

adult ai training data data protection +23

Information Technology Specialist I, LACERA: Information Security Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, CA

View on infosec-jobs.com

Manager Pentest H/F

@ Hifield | Sèvres, France

View on infosec-jobs.com

Information System Security Officer

@ Parsons Corporation | USA VA Chantilly (Client Site)

View on infosec-jobs.com

Vulnerability Analyst, Mid

@ Booz Allen Hamilton | USA, VA, McLean (8283 Greensboro Dr, Hamilton)

View on infosec-jobs.com

SAP Security and Compliance Auditor

@ Bosch Group | Warszawa, Poland

View on infosec-jobs.com

Head of Product Security (Business team)

@ Zalando | Berlin

View on infosec-jobs.com