
A.Awad

#23403 of 53,622
10 Total CVSS
Vulnerabilities · 1
PT-2024-3163
10
2024-04-02
WordPress · Layerslider · CVE-2024-2879
Name of the Vulnerable Software and Affected Versions: LayerSlider plugin for WordPress, versions 7.9.11 through 7.10.0.

Description: The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the `ls get popup markup` action due to insufficient escaping of the user-supplied `id` parameter and lack of sufficient preparation of the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries to already existing queries, which can be used to extract sensitive information from the database, such as password hashes. The estimated number of potentially affected devices worldwide is over 1 million.

Recommendations: For versions 7.9.11 through 7.10.0, update to version 7.10.1 or the latest release to resolve the issue. As a temporary workaround, consider disabling the `ls get popup markup` action until a patch is applied. Restrict access to the vulnerable `id` parameter in the affected API endpoint until the issue is resolved. Avoid using the `id` parameter in the affected API endpoint until the issue is resolved.