our security tool has reported 18 websites overnight today, which currently have security vulnerabilities - all websites with "LayerSlider" installed are affected.
Enclosed I send you a screenshot of the excerpt of the error message. It says explicitly that the cause of the error message is "LayerSlider".
Could you possibly have a look at it in time? As I said, there are 18 websites affected from our side.
Our customers receive a monthly report on the state of the website - this security issue will be listed there. It's not uncommon for us to be asked how this happened. Could you also briefly tell us what caused the problem and how you fixed it?
Thank you very much in advance and best regards, Manuel
Thank you for getting in touch with us. My name is John, and I'm happy to assist you today. I appreciate your patience while we've been working towards your ticket.
We've fixed this vulnerability immediately after we received the report. LayerSlider 7.1.2 was released on March 10, containing the necessary security fixes. Updating to that or a newer version will eliminate the chance of exploiting this on your sites.
Hello all,
our security tool has reported 18 websites overnight today, which currently have security vulnerabilities - all websites with "LayerSlider" installed are affected.
Enclosed I send you a screenshot of the excerpt of the error message. It says explicitly that the cause of the error message is "LayerSlider".
Could you possibly have a look at it in time? As I said, there are 18 websites affected from our side.
Our customers receive a monthly report on the state of the website - this security issue will be listed there. It's not uncommon for us to be asked how this happened. Could you also briefly tell us what caused the problem and how you fixed it?
Thank you very much in advance and best regards,
Manuel
Hi Manuel,
Thank you for getting in touch with us. My name is John, and I'm happy to assist you today. I appreciate your patience while we've been working towards your ticket.
We've fixed this vulnerability immediately after we received the report. LayerSlider 7.1.2 was released on March 10, containing the necessary security fixes. Updating to that or a newer version will eliminate the chance of exploiting this on your sites.
You can find the vulnerability details on the following URL: https://wpscan.com/vulnerability/1d9d5516-f1c3-4134-b6bf-7f2f890533c4
The description sums it up pretty clearly, and we've fixed it by sanitizing and escaping the output.
Best Regards,
John | Kreatura Dev Team