Platform
wordpress
Component
layerslider
Fixed in
7.10.1
CVE-2024-2879 is a critical SQL injection vulnerability in the LayerSlider WordPress plugin, versions 7.9.11 through 7.10.0. Unauthenticated attackers can inject into a SQL query built by the plugin's ls_get_popup_markup AJAX action, because user-supplied input reaches the query without adequate escaping or a prepared statement, and can use this to read data from the WordPress database. The issue is fixed in 7.10.1; upgrading is the recommended remediation.
The impact is severe. The vulnerable action requires no authentication, so anyone who can reach the site can issue the injected queries and read from the WordPress database: user accounts with their usernames, email addresses and password hashes, and any other data the site stores, such as customer or order records on a commerce site. The published reports describe data extraction; modification or deletion of data is not part of the reported impact. The absence of any authentication requirement and the plugin's large install base (it ships bundled with many commercial themes) make exploitation attempts likely.
CVE-2024-2879 was publicly disclosed on April 3, 2024. No active exploitation campaign has been confirmed at the time of writing, and the vulnerability is not listed in the CISA KEV catalog, but its severity, the lack of authentication and the ease of exploiting a SQL injection over plain HTTP requests make it a high-priority target; the EPSS score shown below reflects that. Public proof-of-concept exploits are likely to emerge, if they have not already, so treat any unpatched install as exposed.
WordPress sites running LayerSlider 7.9.11 through 7.10.0 are at risk regardless of hosting model. Installs that lag behind on updates are the main concern: LayerSlider is often bundled with commercial themes, and a bundled copy receives updates only when the theme author ships a new version or the site registers its own license, so such copies tend to stay on old releases. Sites storing sensitive user data in the WordPress database face the highest impact.
• wordpress / composer / npm:
wp plugin get layerslider --field=version
Any value from 7.9.11 through 7.10.0 is affected. Without WP-CLI, read the Version: header in wp-content/plugins/layerslider/layerslider.php. Grepping the plugin directory for ls_get_popup_markup only confirms that the action exists, which is also true of patched builds.
• generic web:
curl -s https://your-wordpress-site.com/ | grep -oE "plugins/layerslider/[^\"' ]*ver=[0-9.]+" | sort -u
The ver= query string that WordPress appends to the plugin's enqueued assets usually carries the plugin version; if no LayerSlider assets appear on the front page, check a page that embeds a slider. No HTTP response header reveals the plugin version or this vulnerability.
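The following script is an added example, not part of the advisory or of the LayerSlider plugin. It automates the local check above: it reads the Version: header from the plugin's main file and tests the value against the affected range using version-aware ordering, so that 7.9.11 and 7.10.0 are reported as affected while 7.9.10 and 7.10.1 are not. It assumes the plugin's main file is layerslider/layerslider.php with a standard WordPress plugin header; the demo runs against a constructed plugin directory, not a real install.

```shell
#!/bin/sh
# Added example (not from the advisory or the plugin): read the installed
# LayerSlider version from the plugin header and test it against the affected
# range. Assumptions: the plugin's main file is layerslider/layerslider.php
# and it carries a standard WordPress "Version:" header line.

AFFECTED_MIN="7.9.11"   # first affected release (from the advisory)
FIXED_IN="7.10.1"       # first patched release (from the advisory)

# plugin_version FILE -> prints the value of the "Version:" header line
plugin_version() {
    grep -m1 -iE '^[[:space:]]*\*?[[:space:]]*Version:' "$1" \
        | sed -E 's/^[^:]*:[[:space:]]*//; s/[[:space:]]*$//'
}

# version_ge A B -> true when A >= B under version-sort ordering (sort -V)
version_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n1)" = "$2" ]
}

# is_affected VERSION -> true when AFFECTED_MIN <= VERSION < FIXED_IN
is_affected() {
    version_ge "$1" "$AFFECTED_MIN" && ! version_ge "$1" "$FIXED_IN"
}

# check_plugin_dir DIR -> "affected <v>", "not-affected <v>", "unknown" or "missing"
check_plugin_dir() {
    f="$1/layerslider.php"
    [ -f "$f" ] || { echo "missing"; return 0; }
    v=$(plugin_version "$f")
    [ -n "$v" ] || { echo "unknown"; return 0; }
    if is_affected "$v"; then echo "affected $v"; else echo "not-affected $v"; fi
}

# demo -> runs the check against a constructed plugin directory (not a real install)
demo() {
    d=$(mktemp -d)
    mkdir -p "$d/layerslider"
    cat > "$d/layerslider/layerslider.php" <<'EOF'
<?php
/*
 * Plugin Name: LayerSlider
 * Version: 7.10.0
 */
EOF
    check_plugin_dir "$d/layerslider"
    rm -rf "$d"
}

# Against a live install: check_plugin_dir /var/www/html/wp-content/plugins/layerslider
demo
```

Plain string comparison would misorder 7.9.11 and 7.10.0, which is why the range test goes through sort -V. On a multi-site host, loop check_plugin_dir over every wp-content/plugins/layerslider directory, including copies shipped inside theme directories, which the WordPress updater does not track.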
Exploit status
EPSS
93.75% (100th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-2879 is to upgrade LayerSlider to 7.10.1 or later immediately. If upgrading is not immediately feasible because of compatibility concerns, add a Web Application Firewall rule that inspects requests for the ls_get_popup_markup action and blocks injection patterns in its parameters; the action is reachable without authentication and by POST as well as GET, so the rule must inspect request bodies, not only query strings. Review the privileges of the database account WordPress uses: it needs full read and write access to its own tables, so least privilege here means no access to other databases and no administrative grants such as FILE or SUPER, which limits what an injection can reach. Keep regular database backups for recovery from data tampering, bearing in mind that a backup does not undo the disclosure of data already read.
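Before or alongside a WAF rule, it is worth knowing whether the action has already been probed. The script below is an added example, not part of the advisory or of the plugin: it scans access-log lines in the common/combined format for requests to the ls_get_popup_markup action and flags every request whose identifier is not a plain integer, after decoding the percent-encodings that usually hide injection tokens. It assumes the action is reached through wp-admin/admin-ajax.php with parameters in the query string and that the injectable parameter is named id (the advisory names the action, not the parameter); the log lines in the demo are constructed, not real traffic.

```shell
#!/bin/sh
# Added example (not from the advisory or the plugin): triage web-server access
# logs for requests to the ls_get_popup_markup action whose identifier is not a
# plain integer. Assumptions: the action is reached through
# wp-admin/admin-ajax.php with its parameters in the query string, and the
# injectable parameter is named "id" (the advisory names the action, not the
# parameter). Logs are in the common/combined format.

q="'"   # a literal single quote, used when percent-decoding %27

# flag_suspicious LOGFILE -> prints "<client ip> <decoded id>" for every hit on
# the action where id is empty or contains anything besides digits
flag_suspicious() {
    grep -E 'admin-ajax\.php\?[^ "]*action=ls_get_popup_markup' "$1" \
    | while IFS= read -r line; do
        ip=${line%% *}
        # request target is the second word inside the first quoted field
        target=$(printf '%s\n' "$line" \
            | sed -E 's/^[^"]*"[A-Z]+ ([^ ]+) HTTP\/[0-9.]+".*$/\1/')
        query=${target#*\?}
        id=$(printf '%s\n' "$query" | tr '&' '\n' | sed -n 's/^id=//p' | head -n1)
        # decode the encodings that hide the usual injection tokens
        dec=$(printf '%s\n' "$id" \
            | sed "s/%20/ /g; s/+/ /g; s/%27/$q/g; s/%28/(/g; s/%29/)/g")
        case "$dec" in
            ''|*[!0-9]*) printf '%s %s\n' "$ip" "$dec" ;;
        esac
    done
}

# demo_flag -> runs flag_suspicious over constructed log lines (not real traffic)
demo_flag() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
203.0.113.7 - - [03/Apr/2024:10:15:01 +0000] "GET /wp-admin/admin-ajax.php?action=ls_get_popup_markup&id=12 HTTP/1.1" 200 845 "-" "Mozilla/5.0"
198.51.100.23 - - [03/Apr/2024:10:15:09 +0000] "GET /wp-admin/admin-ajax.php?action=ls_get_popup_markup&id=12%20AND%20SLEEP(5) HTTP/1.1" 200 845 "-" "curl/8.4.0"
203.0.113.7 - - [03/Apr/2024:10:15:12 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 120 "-" "Mozilla/5.0"
198.51.100.23 - - [03/Apr/2024:10:15:15 +0000] "GET /wp-admin/admin-ajax.php?action=ls_get_popup_markup&id=12%27 HTTP/1.1" 500 0 "-" "curl/8.4.0"
EOF
    flag_suspicious "$f"
    rm -f "$f"
}

# Against a live server: flag_suspicious /var/log/nginx/access.log
demo_flag
```

The legitimate request with id=12 is not reported; the time-based probe and the stray quote are. Two limits apply: parameters sent in a POST body never appear in an access log, so this only catches GET-based probing and a WAF or application-level logging is needed for the rest; and the "digits only" rule is an assumption about legitimate values, so any flagged line still needs a human look rather than an automatic block.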
Update the LayerSlider plugin to the latest available version. The SQL injection vulnerability lets unauthenticated attackers extract sensitive information from the database. The update fixes the missing validation of user-supplied parameters.
CVE-2024-2879 is a critical SQL injection vulnerability in the LayerSlider WordPress plugin, versions 7.9.11 through 7.10.0, that allows unauthenticated attackers to extract data from the site's database.
If you are using LayerSlider versions 7.9.11 through 7.10.0 on your WordPress site, you are affected and should upgrade to 7.10.1 or later immediately.
Upgrade LayerSlider to 7.10.1 or later. If upgrading is not possible, implement a WAF rule that blocks injection attempts against the ls_get_popup_markup action in both query strings and request bodies.
While no confirmed active exploitation campaigns are known, the vulnerability's severity and ease of exploitation make it a high-priority target.
Refer to the LayerSlider website and WordPress plugin repository for the latest security advisory and patch information.