5 matches found
CVE-2025-6726
The Block Editor Gallery Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the classicgalleryslideroptions function in all versions up to, and including, 1.1.1. This makes it possible for authenticated attackers, with...
CVE-2025-6726 Block Editor Gallery Slider <= 1.1.1 - Missing Authorization to Authenticated (Subscriber+) Limited Post Meta Update
The Block Editor Gallery Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the classicgalleryslideroptions function in all versions up to, and including, 1.1.1. This makes it possible for authenticated attackers, with...
CVE-2025-6726 Block Editor Gallery Slider <= 1.1.1 - Missing Authorization to Authenticated (Subscriber+) Limited Post Meta Update
The Block Editor Gallery Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the classicgalleryslideroptions function in all versions up to, and including, 1.1.1. This makes it possible for authenticated attackers, with...
CVE-2025-6726
CVE-2025-6726 relates to the Block Editor Gallery Slider WordPress plugin. The Wordfence/NVD entry states a missing capability check in classic_gallery_slider_options() affects all versions up to and including 1.1.1, enabling authenticated users with Subscriber-level access or higher to modify li...
WordPress Block Editor Gallery Slider plugin <= 1.1.1 - Missing Authorization to Authenticated (Subscriber+) Limited Post Meta Update vulnerability
Missing Authorization to Authenticated Subscriber+ Limited Post Meta Update vulnerability discovered by Poli in WordPress Plugin Block Editor Gallery Slider versions = 1.1.1...