Описание
The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Ссылки
- Release Notes
- Third Party Advisory
- Release Notes
- Third Party Advisory
Уязвимые конфигурации
Одно из
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS3
Дефекты
Связанные уязвимости
The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Уязвимость функции ls_get_popup_markup() сценария assets/wp/actions.php плагина LayerSlider системы управления содержимым сайта WordPress, позволяющая нарушителю выполнять произвольные SQL-запросы
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS3