Kreaturamedia Layerslider — known CVE vulnerabilities
Every CVE whose affected-product data names Kreaturamedia Layerslider, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2024-2879 — CVSS 9.8 (critical): The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup action in versions 7.9.11 and 7.10.0 due to…
CVE-2023-47786 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LayerSlider plugin <= 7.7.9 versions.
CVE-2022-1153 — CVSS 4.8 (medium): The LayerSlider WordPress plugin before 7.1.2 does not sanitise and escape Project's slug before outputting it back in various place, which…