On March 25th, 2024, during our second Bug Bounty Extravaganza, we received a submission for an unauthenticated SQL Injection vulnerability in LayerSlider, a WordPress plugin with more than 1, 000, 000 estimated active installations. This vulnerability can be leveraged to extract sensitive data from the database, such as password…
$5,500 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in LayerSlider WordPress Plugin
Full Disclosure: This webpage may contain affiliate links, in which the website owner would receive a commission for purchases made. This does not affect your purchase cost.