Description
The Block Editor Gallery Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the classic_gallery_slider_options() function in all versions up to, and including, 1.1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update limited post meta for arbitrary posts.
Published: 2025-07-18
Score: 4.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized Data Modification
Action: Patch Now
AI Analysis

Impact

The Block Editor Gallery Slider plugin for WordPress contains a missing capability check on the classic_gallery_slider_options() function in all releases up to version 1.1.1, allowing authenticated users with Subscriber-level access or higher to modify certain post meta fields for arbitrary posts. This flaw enables attackers to alter the content or configuration of posts without permission, leading to data integrity violations and potentially exposing sensitive or design information to unauthorised parties.

Affected Systems

The vulnerability affects the krasenslavov Block Editor Gallery Slider for WordPress – Image Slider, Gallery Carousel & Lightbox Plugin. All plugin versions up to and including 1.1.1 are impacted. Users running any of these releases on their WordPress site are at risk unless they upgrade the plugin.

Risk and Exploitability

This issue has a CVSS score of 4.3 and an EPSS score of less than 1%, indicating a moderate severity with a very low probability of exploitation. The vulnerability is not listed in CISA’s KEV catalog. Attackers must be authenticated and possess at least Subscriber privileges, so the attack vector is authenticated. The missing authorization check exposes a small subset of post metadata but does not provide remote code execution or full post deletion capabilities.

Generated by OpenCVE AI on April 21, 2026 at 03:58 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Block Editor Gallery Slider plugin to the latest available version that includes the authorization fix.
  • If an immediate upgrade is not possible, adjust user role capabilities so that Subscribers cannot modify post meta, or temporarily disable the plugin’s meta‑update feature for those roles.
  • Audit all post meta changes by checking the plugin configuration or adding custom capability checks to prevent unauthorized updates.

Generated by OpenCVE AI on April 21, 2026 at 03:58 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-21851 The Block Editor Gallery Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the classic_gallery_slider_options() function in all versions up to, and including, 1.1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update limited post meta for arbitrary posts.
History

Wed, 08 Apr 2026 17:45:00 +0000

Type Values Removed Values Added
References

Fri, 18 Jul 2025 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 18 Jul 2025 05:30:00 +0000

Type Values Removed Values Added
Description The Block Editor Gallery Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the classic_gallery_slider_options() function in all versions up to, and including, 1.1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update limited post meta for arbitrary posts.
Title Block Editor Gallery Slider <= 1.1.1 - Missing Authorization to Authenticated (Subscriber+) Limited Post Meta Update
Weaknesses CWE-862
References
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:01:38.039Z

Reserved: 2025-06-26T14:31:00.766Z

Link: CVE-2025-6726

cve-icon Vulnrichment

Updated: 2025-07-18T13:03:31.798Z

cve-icon NVD

Status : Deferred

Published: 2025-07-18T06:15:27.863

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-6726

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-21T04:00:10Z

Weaknesses