WordPress LayerSlider plugin bug risks password hash extraction – SC Media
Credit: Adobe Stock ImagesA critical vulnerability in the WordPress plugin LayerSlider could allow unauthenticated attackers to extract password hashes via SQL injection.The bug, tracked as CVE-2024-2879, has a CVSS score of 9.8 and affects LayerSlider versions 7.9.11 through 7.10.0. A patch for the flaw was first made available on March…