Unauthenticated SQL Injection Vulnerability Patched in LayerSlider WordPress Plugin

On March 25th, 2024, during the second Wordfence Bug Bounty Extravaganza, a submission was received for an unauthenticated SQL Injection vulnerability in LayerSlider, a WordPress plugin with more than 1,000,000 estimated active installations. This vulnerability can be leveraged to extract sensitive data from the database, such as password hashes.

Props to 1337_wannabe who discovered and responsibly reported this vulnerability through the Wordfence Bug Bounty Program. This researcher earned a bounty of $5,500.00 for this discovery during our Bug Bounty Program Extravaganza, their highest bounty yet! 

All Wordfence users are protected against any exploits targeting this vulnerability by the Wordfence firewall’s built-in SQL Injection protection.

Wordfence contacted the Kreatura Team on March 25, 2024, and received a response the next day. After providing full disclosure details, the developer released a patch on March 27, 2024. We would like to commend the Kreatura Team for their prompt response and timely patch.

We urge users to update their sites with the latest patched version of LayerSlider, which is version 7.10.1, as soon as possible.
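As an added example, not code from Wordfence or the LayerSlider project, the following Python check reads the version out of a WordPress plugin header and reports whether an installed LayerSlider is older than the patched 7.10.1. The header sample is constructed, and the plugin file path named in the comment is an assumption.

```python
import re
from typing import Optional, Tuple

# Per the advisory, 7.10.1 is the patched release; every older build is affected.
PATCHED_VERSION = "7.10.1"

# Constructed sample of a WordPress plugin header, as found at the top of a
# plugin's main PHP file (for LayerSlider assumed to be
# wp-content/plugins/LayerSlider/layerslider.php; the path is an assumption).
SAMPLE_HEADER = """<?php
/*
Plugin Name: LayerSlider
Version: 7.9.1
Author: Kreatura Team
*/
"""

# Same pattern WordPress core's get_file_data() uses for the Version field.
_VERSION_RE = re.compile(r"^[ \t/*#@]*Version:(.*)$", re.MULTILINE | re.IGNORECASE)


def header_version(header_text: str) -> Optional[str]:
    """Return the 'Version:' value from a plugin header, or None if absent."""
    m = _VERSION_RE.search(header_text)
    if not m:
        return None
    return m.group(1).strip() or None


def version_tuple(version: str) -> Tuple[int, ...]:
    """Numeric components of a dotted version, so 7.9.1 sorts below 7.10.1
    (a plain string comparison would get that backwards)."""
    parts = []
    for piece in version.split("."):
        digits = re.match(r"\d+", piece)
        if not digits:
            break  # stop at non-numeric suffixes such as 'beta'
        parts.append(int(digits.group()))
    return tuple(parts)


def is_vulnerable(header_text: str) -> Optional[bool]:
    """True if the header's version is older than PATCHED_VERSION,
    False if it is patched, None if no version could be read."""
    version = header_version(header_text)
    if version is None:
        return None
    return version_tuple(version) < version_tuple(PATCHED_VERSION)


if __name__ == "__main__":
    print(header_version(SAMPLE_HEADER), "vulnerable:", is_vulnerable(SAMPLE_HEADER))
```

Point the script at the real plugin file on a site (or feed it the header text from an inventory scan) to flag installs that still need the update.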

Sources and more details:
https://www.wordfence.com/blog/2024/04/5500-bounty-awarded-for-unauthenticated-sql-injection-vulnerability-patched-in-layerslider-wordpress-plugin/
Critical Security Flaw Found in Popular LayerSlider WordPress Plugin
