Missing Authorization vulnerability Affects Slider Responsive Slideshow
CVE-2024-35722

8.8HIGH

Key Information:

Vendor: WordPress
Status: Slider Responsive Slideshow – Image Slider, Gallery Slideshow
Vendor: CVE Published:; 10 June 2024

Summary

The vulnerability in WP Life Slider Responsive Slideshow – Image Slider, Gallery Slideshow is attributed to missing authorization controls, allowing unauthorized users to access sensitive functions or data that should be restricted. This issue affects versions prior to 1.4.0 and could be exploited to manipulate or retrieve content without proper authentication. Website administrators using this plugin should address this vulnerability promptly to safeguard their systems against unauthorized access and maintain the integrity of their applications.

Affected Version(s)

Slider Responsive Slideshow – Image slider, Gallery slideshow <= 1.4.0

References

https://patchstack.com/database/vulnerability/slider-resp...

vdb-entry

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 10, 2024
Vulnerability Reserved
May 17, 2024

Credit

Steven Julian (Patchstack Alliance)