{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-10249", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-09-10T21:30:22.983Z", "datePublished": "2025-10-09T11:20:56.306Z", "dateUpdated": "2026-04-08T16:49:15.864Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:49:15.864Z"}, "affected": [{"vendor": "Revolution Slider", "product": "Slider Revolution", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "6.7.37", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Slider Revolution plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions in all versions up to, and including, 6.7.37. This makes it possible for authenticated attackers, with Contributor-level access and above, to install and activate plugin add-ons, create sliders, and download arbitrary files."}], "title": "Slider Revolution <= 6.7.37 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Read", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/43f2c4e5-c19d-4b7c-849b-47052bb62cb5?source=cve"}, {"url": "https://www.sliderrevolution.com/documentation/changelog/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-23 Relative Path Traversal", "cweId": "CWE-23", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Matthew Rollings"}], "timeline": [{"time": "2025-09-10T21:51:03.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-10-08T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-09T14:42:18.648962Z", "id": "CVE-2025-10249", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-09T14:46:37.151Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-10249", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-09T14:42:18.648962Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-09T14:46:34.152Z"}}], "cna": {"title": "Slider Revolution <= 6.7.37 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Read", "credits": [{"lang": "en", "type": "finder", "value": "Matthew Rollings"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "Revolution Slider", "product": "Slider Revolution", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "6.7.37"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-09-10T21:51:03.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-10-08T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/43f2c4e5-c19d-4b7c-849b-47052bb62cb5?source=cve"}, {"url": "https://www.sliderrevolution.com/documentation/changelog/"}], "descriptions": [{"lang": "en", "value": "The Slider Revolution plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions in all versions up to, and including, 6.7.37. This makes it possible for authenticated attackers, with Contributor-level access and above, to install and activate plugin add-ons, create sliders, and download arbitrary files."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-23", "description": "CWE-23 Relative Path Traversal"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:49:15.864Z"}}}, "cveMetadata": {"cveId": "CVE-2025-10249", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:49:15.864Z", "dateReserved": "2025-09-10T21:30:22.983Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-10-09T11:20:56.306Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Slider Revolution plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions in all versions up to, and including, 6.7.37. This makes it possible for authenticated attackers, with Contributor-level access and above, to install and activate plugin add-ons, create sliders, and download arbitrary files."}], "id": "CVE-2025-10249", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-10-09T12:15:34.873", "references": [{"source": "security@wordfence.com", "url": "https://www.sliderrevolution.com/documentation/changelog/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/43f2c4e5-c19d-4b7c-849b-47052bb62cb5?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-23"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T14:11:40.405536+00:00", "value": {"mitigation_remediation": ["Upgrade the Slider Revolution plugin to version\u202f6.7.38 or later following the vendor\u2019s release notes.", "Disable or remove the plugin if it is not required, or restrict Contributor roles so they cannot add or activate add\u2011ons.", "Configure WordPress or a security solution to limit file download permissions for plugin components, preventing arbitrary file access by authenticated users."], "summary": {"action": "Apply Patch", "impact": "Authenticated Contributor+ privilege escalation leading to arbitrary file read"}, "threat_synthesis": {"affected_systems": "Revolution Slider (Slider Revolution) for WordPress is affected in all releases up to and including 6.7.37. Users running these versions should review their installation and upgrade to the latest release.", "description_and_impact": "The Slider Revolution plugin for WordPress contains a missing capability check in multiple functions through version\u202f6.7.37. This flaw allows authenticated users with Contributor-level access or higher to install and activate add\u2011ons, create new sliders, and download arbitrary files that the site hosts. This is a CWE\u201123 vulnerability because the lack of proper path validation permits directory traversal. An attacker can therefore elevate their functional access to the site, potentially exfiltrate sensitive files or deploy malicious add\u2011ons that could compromise the entire WordPress installation.", "risk_and_exploitability": "The vulnerability carries a CVSS score of\u202f6.5 and an EPSS score below\u202f1\u202fpercent, indicating a moderate severity but a relatively low likelihood of exploitation. It is not listed in the CISA KEV catalog. Attackers only need authenticated Contributor or higher privileges; no external access is required. Once the capability check is bypassed, the attacker can read or download files and install add\u2011ons, enabling further compromise."}}}}, "created": "2025-10-10T11:18:22.296971+00:00", "updated": "2026-04-22T14:15:20.420751+00:00", "vendors": ["revolution_slider", "revolution_slider$PRODUCT$slider_revolution", "wordpress", "wordpress$PRODUCT$wordpress"]}