Description: An attacker can create a malicious web page that can POST to target.com/wp-admin/admin-ajax.php the following parameters: action = ls_save_screen_options and anything in the options POST parameter will be stored on the WP Options under the ls-screen-options key.
Thank you for getting in touch with us. My name is Attila and I'm happy to assist you today. I appreciate your patience while we've been working towards your ticket.
This was a very old issue and it has been already fixed a couple days after locating it. Please update the plugin.
i have received this in mail from server security PLEASE ADVICE SOON
Severity: Critical
Category: multi
Summary: LayerSlider <= 6.2.0 - CSRF / Authenticated Stored XSS & SQL Injection
Description: An attacker can create a malicious web page that can POST to target.com/wp-admin/admin-ajax.php the following parameters: action = ls_save_screen_options and anything in the options POST parameter will be stored on the WP Options under the ls-screen-options key.
Hello ninimoversbh,
Thank you for getting in touch with us. My name is Attila and I'm happy to assist you today. I appreciate your patience while we've been working towards your ticket.
This was a very old issue and it has been already fixed a couple days after locating it. Please update the plugin.