Tagged: LayerSlider, patch, vulnerability
April 2, 2024 at 6:13 pm #1439014
Hello Support,
when do you provide a patched version of the LayerSlider Plugin?
see: https://www.wordfence.com//
also: https://layerslider.com/release-log/
Best regards,
jomi

April 3, 2024 at 3:11 am #1439036
Please provide an update on the LayerSlider SQL injection vulnerability.
From the CVE, “This vulnerability allows unauthenticated threat actors to inject malicious SQL queries to steal sensitive information from the database.”
Additional information.
https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/layerslider/layerslider-7911-7100-unauthenticated-sql-injection
According to the Enfold changelog, the latest bundled version is 7.9.11. This vulnerability affects versions 7.9.11 and 7.10.0.
Changelog: https://themeforest.net/item/enfold-responsive-multipurpose-theme/4519990#item-description__changelog

April 3, 2024 at 5:02 am #1439039
Hi,
Thank you for the info.
We’ll forward this to our team/channel, and hopefully, we’ll be able to include the latest version of the plugin in the next patch.
Best regards,
Ismael

April 3, 2024 at 10:19 am #1439063
Hello Ismael,
it is somehow getting a little bit urgent ..
The first pages went down due to this unpatched plugin. We are not able to update this plugin unless we buy it on top of Enfold.
How many days will we have to live with a security leak like this in our systems?
Is it possible to deactivate this plugin somehow ??? It is not listed …
OK, found it — Enfold — Layout Architekt — Bundled Plugins —
Site looks awful now, but at least it's safe.
Thanks
This reply was modified 1 year, 7 months ago by Sushipro.

April 3, 2024 at 12:12 pm #1439073
Hi,
Yes, you can temporarily disable the plugin in the Enfold > Layout Builder > Layerslider Options settings. The latest version of the plugin will be included in the next patch.
Thank you for your patience.
Best regards,
Ismael

April 4, 2024 at 3:43 pm #1439206
Hey,
Enfold 5.7 is now available: https://kriesi.at/documentation/enfold/changelog/.
Best regards,
Yigit
