cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-4575,https://securityvulnerability.io/vulnerability/CVE-2024-4575,Stored Cross-Site Scripting Vulnerability in LayerSlider Plugin for WordPress,"The LayerSlider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ls_search_form shortcode in version 7.11.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",Wordpress,Layerslider,6.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-05-23T11:02:37.956Z,0
CVE-2024-2879,https://securityvulnerability.io/vulnerability/CVE-2024-2879,SQL Injection Vulnerability in LayerSlider Plugin for WordPress,"The LayerSlider plugin for WordPress is prone to an SQL injection vulnerability through the ls_get_popup_markup action. This flaw arises from inadequate escaping of user-supplied parameters and insufficient preparation of existing SQL queries. As a result, unauthenticated attackers can inject additional SQL commands into existing queries, facilitating the unauthorized extraction of sensitive data from the database. It is crucial for users of affected versions to update their installations to mitigate potential security risks.",Wordpress,Layerslider,9.8,CRITICAL,0.008670000359416008,false,,true,false,true,true,true,false,2024-04-03T04:15:00.000Z,4781
CVE-2022-1153,https://securityvulnerability.io/vulnerability/CVE-2022-1153,LayerSlider < 7.1.2 - Admin+ Stored Cross-Site Scripting,"The LayerSlider WordPress plugin before 7.1.2 does not sanitise and escape Project's slug before outputting it back in various place, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed",Wordpress,Layerslider,4.8,MEDIUM,0.000539999979082495,false,,false,false,false,,false,false,2022-04-25T15:51:19.000Z,0