Lucene search
K

5 matches found

NVD
NVD
added 2025/07/18 6:15 a.m.6 views

CVE-2025-6726

The Block Editor Gallery Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the classicgalleryslideroptions function in all versions up to, and including, 1.1.1. This makes it possible for authenticated attackers, with...

4.3CVSS0.00228EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/07/18 5:23 a.m.3 views

CVE-2025-6726 Block Editor Gallery Slider <= 1.1.1 - Missing Authorization to Authenticated (Subscriber+) Limited Post Meta Update

The Block Editor Gallery Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the classicgalleryslideroptions function in all versions up to, and including, 1.1.1. This makes it possible for authenticated attackers, with...

4.3CVSS6.2AI score0.00228EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/18 5:23 a.m.10 views

CVE-2025-6726 Block Editor Gallery Slider <= 1.1.1 - Missing Authorization to Authenticated (Subscriber+) Limited Post Meta Update

The Block Editor Gallery Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the classicgalleryslideroptions function in all versions up to, and including, 1.1.1. This makes it possible for authenticated attackers, with...

4.3CVSS0.00228EPSS
Exploits0References3
CVE
CVE
added 2025/07/18 5:23 a.m.21 views

CVE-2025-6726

CVE-2025-6726 relates to the Block Editor Gallery Slider WordPress plugin. The Wordfence/NVD entry states a missing capability check in classic_gallery_slider_options() affects all versions up to and including 1.1.1, enabling authenticated users with Subscriber-level access or higher to modify li...

4.3CVSS6.3AI score0.00228EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/07/18 4:10 a.m.7 views

WordPress Block Editor Gallery Slider plugin <= 1.1.1 - Missing Authorization to Authenticated (Subscriber+) Limited Post Meta Update vulnerability

Missing Authorization to Authenticated Subscriber+ Limited Post Meta Update vulnerability discovered by Poli in WordPress Plugin Block Editor Gallery Slider versions = 1.1.1...

4.3CVSS6.8AI score0.00228EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder