{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-6726", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-06-26T14:31:00.766Z", "datePublished": "2025-07-18T05:23:58.675Z", "dateUpdated": "2026-04-08T17:01:38.039Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:01:38.039Z"}, "affected": [{"vendor": "krasenslavov", "product": "Block Editor Gallery Slider for WordPress \u2013 Image Slider, Gallery Carousel & Lightbox Plugin", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.1.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Block Editor Gallery Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the classic_gallery_slider_options() function in all versions up to, and including, 1.1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update limited post meta for arbitrary posts."}], "title": "Block Editor Gallery Slider <= 1.1.1 - Missing Authorization to Authenticated (Subscriber+) Limited Post Meta Update", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/770b0401-4d05-476e-a2b1-e9e9c920f5fa?source=cve"}, {"url": "https://wordpress.org/plugins/block-editor-gallery-slider/"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3331844%40block-editor-gallery-slider&new=3331844%40block-editor-gallery-slider&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Phong Nguyen"}], "timeline": [{"time": "2025-07-17T16:28:18.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-18T13:03:25.735558Z", "id": "CVE-2025-6726", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-18T13:03:39.974Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-6726", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-18T13:03:25.735558Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-18T13:03:31.798Z"}}], "cna": {"title": "Block Editor Gallery Slider <= 1.1.1 - Missing Authorization to Authenticated (Subscriber+) Limited Post Meta Update", "credits": [{"lang": "en", "type": "finder", "value": "Phong Nguyen"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "krasenslavov", "product": "Block Editor Gallery Slider", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.1.1"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-07-17T16:28:18.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/770b0401-4d05-476e-a2b1-e9e9c920f5fa?source=cve"}, {"url": "https://wordpress.org/plugins/block-editor-gallery-slider/"}], "descriptions": [{"lang": "en", "value": "The Block Editor Gallery Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the classic_gallery_slider_options() function in all versions up to, and including, 1.1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update limited post meta for arbitrary posts."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-07-18T05:23:58.675Z"}}}, "cveMetadata": {"cveId": "CVE-2025-6726", "state": "PUBLISHED", "dateUpdated": "2025-07-18T13:03:39.974Z", "dateReserved": "2025-06-26T14:31:00.766Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-07-18T05:23:58.675Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Block Editor Gallery Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the classic_gallery_slider_options() function in all versions up to, and including, 1.1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update limited post meta for arbitrary posts."}, {"lang": "es", "value": "El complemento Block Editor Gallery Slider para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos debido a la falta de una comprobaci\u00f3n de capacidad en la funci\u00f3n classic_gallery_slider_options() en todas las versiones hasta la 1.1.1 incluida. Esto permite que atacantes autenticados, con acceso de suscriptor o superior, actualicen metadatos limitados de entradas arbitrarias."}], "id": "CVE-2025-6726", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-07-18T06:15:27.863", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3331844%40block-editor-gallery-slider&new=3331844%40block-editor-gallery-slider&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/block-editor-gallery-slider/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/770b0401-4d05-476e-a2b1-e9e9c920f5fa?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T03:58:24.572264+00:00", "value": {"mitigation_remediation": ["Upgrade the Block Editor Gallery Slider plugin to the latest available version that includes the authorization fix.", "If an immediate upgrade is not possible, adjust user role capabilities so that Subscribers cannot modify post meta, or temporarily disable the plugin\u2019s meta\u2011update feature for those roles.", "Audit all post meta changes by checking the plugin configuration or adding custom capability checks to prevent unauthorized updates."], "summary": {"action": "Patch Now", "impact": "Unauthorized Data Modification"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the krasenslavov Block Editor Gallery Slider for WordPress \u2013 Image Slider, Gallery Carousel & Lightbox Plugin. All plugin versions up to and including 1.1.1 are impacted. Users running any of these releases on their WordPress site are at risk unless they upgrade the plugin.", "description_and_impact": "The Block Editor Gallery Slider plugin for WordPress contains a missing capability check on the classic_gallery_slider_options() function in all releases up to version 1.1.1, allowing authenticated users with Subscriber-level access or higher to modify certain post meta fields for arbitrary posts. This flaw enables attackers to alter the content or configuration of posts without permission, leading to data integrity violations and potentially exposing sensitive or design information to unauthorised parties.", "risk_and_exploitability": "This issue has a CVSS score of 4.3 and an EPSS score of less than 1%, indicating a moderate severity with a very low probability of exploitation. The vulnerability is not listed in CISA\u2019s KEV catalog. Attackers must be authenticated and possess at least Subscriber privileges, so the attack vector is authenticated. The missing authorization check exposes a small subset of post metadata but does not provide remote code execution or full post deletion capabilities."}}}}, "created": "2026-04-21T04:00:10.074737+00:00", "updated": "2026-04-21T04:00:10.074749+00:00", "vendors": []}