A critical SQL injection vulnerability in the LayerSlider plugin, a popular WordPress tool with over one million active installations, poses a significant threat to website security, warns WordPress security firm Defiant. This vulnerability allows attackers to extract sensitive information from website databases, including password hashes, through insecure implementation of the plugin’s slider popup markup query functionality. The flaw, tracked as CVE-2024-2879 with a CVSS score of 9.8, enables unauthenticated attackers to append malicious SQL queries to existing ones, exploiting insufficient escaping on user-supplied parameters. To mitigate this risk, users are strongly advised to update their installations to LayerSlider version 7.10.1, released promptly after the flaw was reported to the plugin’s maintainers.
Wordfence, the security team at Defiant, underscores the severity of the vulnerability, emphasizing the need for immediate action to address the potential consequences of data breaches. The method to exploit this flaw typically involves a time-based blind approach, utilizing specific SQL statements and a sleep command to extract information from databases. Moreover, the CVE-2024-2879 was reported through Defiant’s bug bounty program, with the researcher receiving a reward of $5,500 for the discovery. Despite the swift response in releasing a patch, users must prioritize updating their installations to safeguard against potential cyber attacks exploiting this vulnerability.
LayerSlider versions 7.9.11 and 7.10.0 are confirmed to be impacted by this critical vulnerability, underscoring the urgency for users to take proactive measures. The plugin’s wide adoption among WordPress users magnifies the potential impact of the flaw, necessitating swift action to prevent widespread exploitation. With LayerSlider version 7.10.1 addressing the vulnerability, users are strongly encouraged to apply the update immediately to mitigate the risk of unauthorized access to sensitive website data.
