Critical Security Flaw Found in Popular LayerSlider WordPress Plugin

A critical security flaw impacting the LayerSlider plugin for WordPress could be abused to extract sensitive information from databases, such as password hashes.
The flaw, designated as CVE-2024-2879, carries a CVSS score of 9.8 out of a maximum of 10.0. It has been described as a case of SQL injection impacting versions from 7.9.11 through 7.10.0.
The issue has been addressed in version

case critical cve cve-2024 cvss cvss score databases extract flaw found hashes information injection password plugin popular score security security flaw sensitive sensitive information sql sql injection wordpress wordpress plugin