Vulnerability on LayerSlider Plugin
Incident Report for Server Status | Nexcess
Resolved
Mitigation has been put into place on our fleet. This has been resolved.

Note that users should still update the LayerSlider plugin to version 7.10.1: the fleet-level mitigation blocks the known attack pattern, but only the plugin update removes the vulnerable code.
Posted Apr 04, 2024 - 13:08 EDT
Monitoring
Our team is pushing a mitigation rule to our fleet. All users of the LayerSlider plugin are strongly encouraged to upgrade to version 7.10.1, where the vulnerability is patched in the plugin code itself.

We appreciate your patience in this matter. If you have any questions, please contact a member of our support team via live chat, ticket, or by phone at (800)-580-4985, (517)-322-0434 (international).
Posted Apr 04, 2024 - 12:45 EDT
Update
Our team is still working on an adjustment to our ModSecurity rule set to mitigate this issue on our fleet. All users of the LayerSlider plugin are strongly encouraged to upgrade to version 7.10.1, where the vulnerability is patched in the plugin code itself.

We appreciate your patience in this matter. If you have any questions, please contact a member of our support team via live chat, ticket, or by phone at (800)-580-4985, (517)-322-0434 (international).
Posted Apr 04, 2024 - 08:24 EDT
Identified
Our team has been made aware of a vulnerability in the LayerSlider plugin for WordPress.

The LayerSlider plugin for WordPress is vulnerable to SQL injection via the ls_get_popup_markup action in versions 7.9.11 and 7.10.0, due to insufficient escaping of the user-supplied parameter and a lack of sufficient preparation of the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL to existing queries, which can be used to extract sensitive information from the database.

More information can be found here: https://www.wordfence.com/blog/2024/04/5500-bounty-awarded-for-unauthenticated-sql-injection-vulnerability-patched-in-layerslider-wordpress-plugin/

Our engineers are working on a ModSecurity rule to deploy to our fleet that blocks requests exploiting this vulnerability. This is a mitigation in front of the application, not a fix of the plugin code, so in the meantime all users of the LayerSlider plugin are strongly encouraged to upgrade to version 7.10.1, where the issue is fixed in the plugin itself.

We will provide updates on our patching process.

Our support team is on standby if you need any help or have questions or concerns. You can connect with us through the following channels:

- Live Chat via Customer Portal: https://my.nexcess.net/
- Email: support@nexcess.net
- Phone: 1-866-639-2377, 1-313-279-0722 (international).
Posted Apr 03, 2024 - 13:24 EDT
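The bug class described in the Identified update above (a user-supplied identifier interpolated into a query string, versus bound as a prepared parameter) is shown below in an added, self-contained illustration. This is not LayerSlider's code or Nexcess's mitigation rule: the table names, columns, sample rows and the `ls_get_popup_markup`-style lookup functions are all constructed for the example, and it runs against an in-memory SQLite database rather than WordPress's `$wpdb`.

```python
"""Added illustration of unprepared vs. prepared SQL for an id lookup.
Hypothetical schema and functions; not the plugin's actual code."""
import sqlite3


def setup_db() -> sqlite3.Connection:
    """Constructed sample data: a sliders table (what the lookup is meant
    to read) and a users table holding what an attacker wants to extract."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE sliders (id INTEGER PRIMARY KEY, name TEXT, data TEXT);
        INSERT INTO sliders VALUES (1, 'home-hero', '{"layers":[]}');
        INSERT INTO sliders VALUES (2, 'popup-1', '{"layers":["x"]}');
        CREATE TABLE users (ID INTEGER PRIMARY KEY, user_login TEXT, user_pass TEXT);
        INSERT INTO users VALUES (1, 'admin', '$P$BfakeHashValue');
        """
    )
    return conn


def get_popup_vulnerable(conn: sqlite3.Connection, slider_id: str):
    """Vulnerable pattern: the request parameter is dropped straight into
    the query text with no escaping or preparation, so the caller can
    change the structure of the query, not just the value compared."""
    sql = f"SELECT name, data FROM sliders WHERE id = {slider_id}"
    return conn.execute(sql).fetchall()


def get_popup_fixed(conn: sqlite3.Connection, slider_id: str):
    """Hardened pattern: coerce the id to an integer and bind it as a
    query parameter (the equivalent of $wpdb->prepare with %d), so the
    input can only ever be a value, never SQL."""
    try:
        sid = int(slider_id)
    except ValueError:
        return []
    return conn.execute(
        "SELECT name, data FROM sliders WHERE id = ?", (sid,)
    ).fetchall()


# Constructed payload: makes the numeric comparison match nothing, then
# appends a UNION that reads two columns from an unrelated table. The
# column count (2) must match the original SELECT for the UNION to work.
PAYLOAD = "0 UNION SELECT user_login, user_pass FROM users"


def demo():
    """Run the same payload through both lookups and return the results:
    (rows leaked by the vulnerable lookup, rows from the fixed lookup with
    the payload, rows from the fixed lookup with a legitimate id)."""
    conn = setup_db()
    leaked = get_popup_vulnerable(conn, PAYLOAD)
    blocked = get_popup_fixed(conn, PAYLOAD)
    normal = get_popup_fixed(conn, "2")
    return leaked, blocked, normal


if __name__ == "__main__":
    for label, rows in zip(("vulnerable", "fixed/payload", "fixed/id=2"), demo()):
        print(f"{label}: {rows}")
```

The vulnerable lookup returns the constructed `users` row for a request that should only ever return a slider; the fixed lookup returns nothing for the payload and still works for a real id. Binding alone (without the `int()` coercion) would also defeat this payload, because a bound string is compared as data and cannot introduce a UNION; the coercion additionally rejects malformed ids up front. A WAF rule such as the one deployed to the fleet can block known request shapes, but only the prepared query removes the bug.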
This incident affected: Managed Wordpress (Wordpress Core Updates).