$5,500 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in LayerSlider WordPress Plugin | allinfosecnews.com

April 2, 2024, 3:15 p.m. | István Márton

Wordfence www.wordfence.com

On March 25th, 2024, during our second Bug Bounty Extravaganza, we received a submission for an unauthenticated SQL Injection vulnerability in LayerSlider, a WordPress plugin with more than 1,000,000 estimated active installations. This vulnerability can be leveraged to extract sensitive data from the database, such as password hashes. Props to AmrAwad who discovered and responsibly ...
Read More

The post $5,500 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in LayerSlider WordPress Plugin appeared first on Wordfence.

bounty bug bug bounty can data database extract injection march password plugin research sensitive sensitive data sql sql injection submission unauthenticated vulnerabilities vulnerability wordpress wordpress plugin wordpress security

More from www.wordfence.com / Wordfence

$197 Bounty Awarded for Unauthenticated Arbitrary Post Deletion Vulnerability Patched in LeadConnector WordPress Plugin 2 days, 20 hours ago | www.wordfence.com

bounty bug bug bounty deletion +16

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 15, 2024 to April 21, 2024) 6 days, 19 hours ago | www.wordfence.com

april bounty bug bug bounty +17

$493 Bounty Awarded for Arbitrary Options Update Vulnerability Patched in WP Datepicker WordPress Plugin 1 week, 1 day ago | www.wordfence.com

april bounty bug bug bounty +16

$2,063 Bounty Awarded for Privilege Escalation Vulnerability Patched in User Registration WordPress Plugin 1 week, 5 days ago | www.wordfence.com

bounty bug bug bounty disclosure +18

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 8, 2024 to April 14, 2024) 1 week, 6 days ago | www.wordfence.com

april bounty bug bug bounty +17

$400 Bounty Awarded for SQL Injection Vulnerability Patched in WP Activity Log Premium WordPress Plugin 2 weeks ago | www.wordfence.com

activity log bounty bug bug bounty +21

$1,250 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in Email Subscribers by Icegram Express … 2 weeks, 2 days ago | www.wordfence.com

bounty bug bug bounty can +19

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 1, 2024 to April 7, 2024) 2 weeks, 6 days ago | www.wordfence.com

april bounty bug bug bounty +17

Unauthenticated Stored Cross-Site Scripting Vulnerability Patched in WordPress Core 3 weeks ago | www.wordfence.com

april block bug cross-site +13

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Premium Hub - CoE: Business Process Senior Consultant, SAP Security Role and Authorisations & GRC

@ SAP | Dublin 24, IE, D24WA02

View on infosec-jobs.com

Product Security Response Engineer

@ Intel | CRI - Belen, Heredia

View on infosec-jobs.com

Application Security Architect

@ Uni Systems | Brussels, Brussels, Belgium

View on infosec-jobs.com

Sr Product Security Engineer

@ ServiceNow | Hyderabad, India

View on infosec-jobs.com

Analyst, Cybersecurity & Technology (Initial Application Deadline May 20th, Final Deadline May 31st)

@ FiscalNote | United Kingdom (UK)

View on infosec-jobs.com