Platform: wordpress
Component: layerslider
Fixed in: 7.10.1
CVE-2024-2879 is a critical SQL Injection vulnerability affecting the LayerSlider WordPress plugin, versions 7.9.11 through 7.10.0. It allows unauthenticated attackers to inject malicious SQL queries, potentially leading to unauthorized database access and data exfiltration. The issue stems from insufficient input sanitization within the lsgetpopup_markup action. A patch is available; upgrading is the recommended remediation.
The impact of this SQL Injection vulnerability is severe. An attacker can leverage it to bypass authentication and directly manipulate the database. This could lead to the extraction of sensitive user data, including usernames, passwords, email addresses, and potentially even financial information if the database contains such data. Furthermore, an attacker could modify or delete data, leading to data corruption or denial of service. The lack of authentication requirements significantly broadens the attack surface, making it accessible to a wide range of potential attackers. The vulnerability's location within a popular WordPress plugin increases the likelihood of exploitation.
CVE-2024-2879 was publicly disclosed on April 3, 2024. While no active exploitation campaigns have been definitively confirmed, the vulnerability's critical severity and ease of exploitation make it a high-priority target. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are likely to emerge, increasing the risk of widespread exploitation.
Exploit Status
- EPSS: 93.75% (100th percentile)
- CISA SSVC:
- CVSS Vector:
The primary mitigation for CVE-2024-2879 is to immediately upgrade LayerSlider to a patched version (7.10.1 or later). If upgrading is not immediately feasible because of compatibility issues or breaking changes, consider implementing a Web Application Firewall (WAF) rule that filters requests carrying SQL syntax to the lsgetpopup_markup action. Carefully review and restrict access to the WordPress database, limiting the database user's privileges to the minimum necessary. Regularly back up your WordPress database so you can recover from a successful attack.
Update the LayerSlider plugin to the latest available version. The SQL Injection vulnerability allows unauthenticated attackers to extract sensitive information from the database. The update corrects the lack of validation in user-supplied parameters.
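The two defender-side checks above, the affected-version range and a WAF-style rule for the lsgetpopup_markup action, as an added example that is not code from this advisory or from the LayerSlider project. It assumes (the advisory does not say) that the action is reached through WordPress's standard AJAX entry point, wp-admin/admin-ajax.php, with the attacker-controlled value in the query string; the log lines are constructed samples.

```python
"""Defender-side helpers for CVE-2024-2879 (added example, not from the advisory)."""
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

AFFECTED_MIN = (7, 9, 11)   # first vulnerable release per the advisory
AFFECTED_MAX = (7, 10, 0)   # last vulnerable release; 7.10.1 is fixed
ACTION = "lsgetpopup_markup"   # action name quoted by the advisory

# Conservative SQL-injection indicators; matched on decoded values so that
# %27 / %20 style encoding does not slip past the rule.
SQLI_PATTERN = re.compile(
    r"(\bunion\b\s+(all\s+)?\bselect\b|\bsleep\s*\(|'\s*(or|and)\s+|--\s|/\*)",
    re.IGNORECASE,
)
# Combined Log Format: client ident user [time] "METHOD target PROTO" status size
LOG_LINE = re.compile(r'^\S+ \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')


def parse_version(v: str) -> tuple:
    return tuple(int(p) for p in v.split("."))


def is_affected(version: str) -> bool:
    """True if the installed LayerSlider version is within 7.9.11 .. 7.10.0."""
    return AFFECTED_MIN <= parse_version(version) <= AFFECTED_MAX


def suspicious_request(target: str) -> bool:
    """Flag a request to the LayerSlider popup action whose parameters carry SQL syntax."""
    url = urlsplit(target)
    if not url.path.endswith("/admin-ajax.php"):
        return False
    params = parse_qs(url.query)          # parse_qs URL-decodes each value once
    if ACTION not in params.get("action", []):
        return False
    # Decode a second time so double-encoded values are inspected as well;
    # every parameter except the action name itself is checked.
    return any(SQLI_PATTERN.search(unquote_plus(v))
               for key, values in params.items() if key != "action"
               for v in values)


def scan_log(lines):
    """Return the request targets that match the detection rule."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if m and suspicious_request(m.group("target")):
            hits.append(m.group("target"))
    return hits


SAMPLE_LOG = [  # constructed sample lines; 203.0.113.0/24 is documentation space
    '203.0.113.5 - - [03/Apr/2024:10:00:01 +0000] "GET /wp-admin/admin-ajax.php?action=lsgetpopup_markup&id=12 HTTP/1.1" 200 512',
    '203.0.113.9 - - [03/Apr/2024:10:00:02 +0000] "GET /wp-admin/admin-ajax.php?action=lsgetpopup_markup&id=12%20UNION%20SELECT%201 HTTP/1.1" 200 2048',
    '203.0.113.9 - - [03/Apr/2024:10:00:03 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 30',
]
```

A rule like this is a stopgap for logging and blocking only; it does not replace the upgrade, since the injection point itself is unchanged until the patched version is installed.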
CVE-2024-2879 is a critical SQL Injection vulnerability in the LayerSlider WordPress plugin, versions 7.9.11–7.10.0, allowing attackers to extract sensitive data.
If you are using LayerSlider versions 7.9.11 through 7.10.0 on your WordPress site, you are potentially affected and should upgrade immediately.
Upgrade LayerSlider to the latest patched version. If upgrading is not possible, implement a WAF rule to filter malicious SQL queries.
While no confirmed active exploitation campaigns are known, the vulnerability's severity and ease of exploitation make it a high-priority target.
Refer to the LayerSlider website and WordPress plugin repository for the latest security advisory and patch information.