Limited availability during the holidays
Another busy year is coming to its end, and an exciting year lies ahead. In order to get ready for a fresh new start, our team will spend a few days' rest during the winter holidays. Over the holiday break, we will have reduced staffing from December 20th, 2024, to January 5th, 2025, so please be patient if you do not receive a response as quickly as you normally would.
We send our warmest wishes for happiness, health, and success throughout the coming year. Thank you for your continued support, and may you have a peaceful and blessed Happy Holidays!
Hello all,
our security tool has reported 18 websites overnight today, which currently have security vulnerabilities - all websites with "LayerSlider" installed are affected.
Enclosed I send you a screenshot of the excerpt of the error message. It says explicitly that the cause of the error message is "LayerSlider".
Could you possibly have a look at it in time? As I said, there are 18 websites affected from our side.
Our customers receive a monthly report on the state of the website - this security issue will be listed there. It's not uncommon for us to be asked how this happened. Could you also briefly tell us what caused the problem and how you fixed it?
Thank you very much in advance and best regards,
Manuel
Hi Manuel,
Thank you for getting in touch with us. My name is John, and I'm happy to assist you today. I appreciate your patience while we've been working towards your ticket.
We've fixed this vulnerability immediately after we received the report. LayerSlider 7.1.2 was released on March 10, containing the necessary security fixes. Updating to that or a newer version will eliminate the chance of exploiting this on your sites.
You can find the vulnerability details on the following URL: https://wpscan.com/vulnerability/1d9d5516-f1c3-4134-b6bf-7f2f890533c4
The description sums it up pretty clearly, and we've fixed it by sanitizing and escaping the output.
Best Regards,
John | Kreatura Dev Team