7 matches found
CVE-2025-3863
The Post Carousel Slider for Elementor plugin for WordPress is vulnerable to improper authorization due to a missing capability check on the processwbelpspromoform function in all versions up to, and including, 1.6.0. This makes it possible for authenticated attackers, with Subscriber-level acces...
CVE-2025-3863
The Post Carousel Slider for Elementor plugin for WordPress is vulnerable to improper authorization due to a missing capability check on the processwbelpspromoform function in all versions up to, and including, 1.6.0. This makes it possible for authenticated attackers, with Subscriber-level acces...
CVE-2025-3863
creationtimestamp| type| source ---|---|--- 2025-06-26 02:14:59+00:00| seen| https://bsky.app/profile/potato.software/post/3lsi2kh6vw72l 2025-06-26 02:50:45+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19560...
CVE-2025-3863 Post Carousel Slider for Elementor <= 1.6.0 - Authenticated (Subscriber+) Missing Authorization via process_wbelps_promo_form Function
The Post Carousel Slider for Elementor plugin for WordPress is vulnerable to improper authorization due to a missing capability check on the processwbelpspromoform function in all versions up to, and including, 1.6.0. This makes it possible for authenticated attackers, with Subscriber-level acces...
CVE-2025-3863 Post Carousel Slider for Elementor <= 1.6.0 - Authenticated (Subscriber+) Missing Authorization via process_wbelps_promo_form Function
The Post Carousel Slider for Elementor plugin for WordPress is vulnerable to improper authorization due to a missing capability check on the processwbelpspromoform function in all versions up to, and including, 1.6.0. This makes it possible for authenticated attackers, with Subscriber-level acces...
CVE-2025-3863
CVE-2025-3863 affects the WordPress plugin Post Carousel Slider for Elementor . The vulnerability is due to a missing capability check in the function process_wbelps_promo_form() across versions up to 1.6.0. This enables authenticated attackers with Subscriber-level access and above to trigger th...
WordPress Post Carousel Slider for Elementor plugin <= 1.6.0 - Authenticated (Subscriber+) Missing Authorization via process_wbelps_promo_form Function vulnerability
Authenticated Subscriber+ Missing Authorization via processwbelpspromoform Function vulnerability discovered by Peter Thaleikis in WordPress Plugin Post Carousel Slider for Elementor versions = 1.6.0...