Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/06/28 3:21 a.m.7 views

CVE-2025-3863

The Post Carousel Slider for Elementor plugin for WordPress is vulnerable to improper authorization due to a missing capability check on the processwbelpspromoform function in all versions up to, and including, 1.6.0. This makes it possible for authenticated attackers, with Subscriber-level acces...

4.3CVSS7AI score0.00235EPSS
Exploits0References1
NVD
NVD
added 2025/06/26 2:15 a.m.11 views

CVE-2025-3863

The Post Carousel Slider for Elementor plugin for WordPress is vulnerable to improper authorization due to a missing capability check on the processwbelpspromoform function in all versions up to, and including, 1.6.0. This makes it possible for authenticated attackers, with Subscriber-level acces...

4.3CVSS0.00235EPSS
Exploits0References4
Circl
Circl
added 2025/06/26 2:14 a.m.12 views

CVE-2025-3863

creationtimestamp| type| source ---|---|--- 2025-06-26 02:14:59+00:00| seen| https://bsky.app/profile/potato.software/post/3lsi2kh6vw72l 2025-06-26 02:50:45+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19560...

4.3CVSS4.8AI score0.00235EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/26 2:6 a.m.4 views

CVE-2025-3863 Post Carousel Slider for Elementor <= 1.6.0 - Authenticated (Subscriber+) Missing Authorization via process_wbelps_promo_form Function

The Post Carousel Slider for Elementor plugin for WordPress is vulnerable to improper authorization due to a missing capability check on the processwbelpspromoform function in all versions up to, and including, 1.6.0. This makes it possible for authenticated attackers, with Subscriber-level acces...

4.3CVSS6.9AI score0.00235EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/06/26 2:6 a.m.13 views

CVE-2025-3863 Post Carousel Slider for Elementor <= 1.6.0 - Authenticated (Subscriber+) Missing Authorization via process_wbelps_promo_form Function

The Post Carousel Slider for Elementor plugin for WordPress is vulnerable to improper authorization due to a missing capability check on the processwbelpspromoform function in all versions up to, and including, 1.6.0. This makes it possible for authenticated attackers, with Subscriber-level acces...

4.3CVSS0.00235EPSS
Exploits0References4
CVE
CVE
added 2025/06/26 2:6 a.m.26 views

CVE-2025-3863

CVE-2025-3863 affects the WordPress plugin Post Carousel Slider for Elementor . The vulnerability is due to a missing capability check in the function process_wbelps_promo_form() across versions up to 1.6.0. This enables authenticated attackers with Subscriber-level access and above to trigger th...

4.3CVSS6.3AI score0.00235EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2025/06/26 12:0 a.m.10 views

WordPress Post Carousel Slider for Elementor plugin <= 1.6.0 - Authenticated (Subscriber+) Missing Authorization via process_wbelps_promo_form Function vulnerability

Authenticated Subscriber+ Missing Authorization via processwbelpspromoform Function vulnerability discovered by Peter Thaleikis in WordPress Plugin Post Carousel Slider for Elementor versions = 1.6.0...

4.3CVSS6.8AI score0.00235EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder