WordPress Plugin Vulnerabilities

LayerSlider 4.6.1 - Remote Path Traversal File Access

Description

The LayerSlider WordPress plugin was affected by a Remote Path Traversal File Access security vulnerability.

Affects Plugins

Plugin icon
LayerSlider
Fixed in 5.2.0

References

URL
https://packetstormsecurity.com/files/#125637/

Classification

Type
AUTHBYPASS
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-287
CVSS
4.3 (medium)

Miscellaneous

Verified
No
WPVDB ID
b54ac5b7-aa06-4987-8473-f5116e689696

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2025-06-19 (about 10 months ago)

Other

Published
Title
Published
2025-10-14
Title
OwnID Passwordless Login <= 1.3.4 - Authentication Bypass
Published
2024-10-22
Title
ProfilePress - Pro < 4.11.2 - Authentication Bypass
Published
2014-08-01
Title
WordPress <= 3.0.5 wp-admin/press-this.php Privilege Escalation
Published
2018-10-20
Title
Accelerated Mobile Pages <= 0.9.97.19 - Multiple Unauthenticated Vulnerabilities
Published
2024-05-06
Title
Edwiser Bridge < 3.0.6 - Authentication Bypass due to Missing Empty Value Check