Description
The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7.0.0 to 7.0.10 via the '_get_media_url' and '_check_file_path' function. This is due to insufficient file type validation. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload files that may be executable, which makes remote code execution possible. The vulnerability was partially patched in version 7.0.10 and fully patched in version 7.0.11.
Published: 2026-05-07
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Slider Revolution plugin for WordPress performs inadequate file type validation in the _get_media_url and _check_file_path functions in versions 7.0.0 through 7.0.10 (CWE-434, unrestricted upload of a file with a dangerous type). An attacker who can authenticate with subscriber-level access or higher can upload arbitrary files, including server-side executable content such as PHP. If the web server executes the uploaded file when it is requested, the attacker achieves remote code execution on the host with the privileges of the web server process, compromising confidentiality, integrity, and availability.

Affected Systems

The affected product is the Slider Revolution plugin for WordPress from the vendor Revolution Slider. The vulnerable range is version 7.0.0 through 7.0.10 inclusive; 7.0.10 contains only a partial fix, and 7.0.11 is the first fully patched release. Versions 7.0.11 and later contain the fix.

Risk and Exploitability

The severity is high, with a CVSS 3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H): reachable over the network, low attack complexity, low privileges required, no user interaction, and high impact on confidentiality, integrity and availability. The EPSS score is below 1%, so the predicted probability of exploitation in the wild is currently very low, and the vulnerability is not listed in the CISA KEV catalog; the SSVC assessment records Exploitation: none and Automatable: no. The flaw requires an authenticated account with at least subscriber rights, so an attacker needs a valid low-privilege user. On WordPress sites with open registration enabled (Settings > General, "Anyone can register"), anyone can create such an account, which removes most of that barrier. Once a file the server will execute (for example PHP) has been uploaded to a web-reachable location, the attacker can run arbitrary code with the permissions of the web server process, a full remote code execution condition.

Generated by OpenCVE AI on May 7, 2026 at 06:21 UTC.

Remediation

Vendor fix: upgrade to Slider Revolution 7.0.11 or later (7.0.10 contains only a partial fix). No vendor-provided workaround is listed.

OpenCVE Recommended Actions

  • Upgrade Slider Revolution to version 7.0.11 or later. Do not stop at 7.0.10, which the advisory describes as only partially patched.
  • If an upgrade cannot be performed immediately, deny execution of server-side code in the directories the plugin writes uploads to at the web server level (for example an Apache <FilesMatch> deny rule for PHP extensions, or an nginx location rule returning 403 for PHP files under wp-content/uploads), and enforce a strict allowlist of permitted extensions and MIME types for uploads.
  • Deactivate the plugin until it is patched. Note that the default WordPress subscriber role has no upload_files capability; the upload path is the plugin's own handler, so role changes alone do not close it. Turn off open registration if it is not needed, review recently created low-privilege accounts, and monitor for new PHP or double-extension files under wp-content/uploads and for requests to such files in the web server access log.

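The version check and the post-exploitation hunt suggested above, as an added example written for this page rather than code from the plugin or from OpenCVE. It checks a plugin version string against the advisory's affected range, then walks an uploads tree looking for the kinds of file a CWE-434 upload leaves behind: server-side executable extensions, double extensions such as shell.php.jpg, image files whose bytes begin with a PHP open tag, and dropped .htaccess or .user.ini files. The sample tree it scans is constructed inside the script (not real data), and the extension list assumes a typical mod_php or php-fpm handler configuration.

```python
"""Added example: hunt for files that should never sit in a WordPress uploads
tree, and check whether a Slider Revolution version falls in the affected range.
Illustrative code written for this page, not part of the plugin."""
import re
import tempfile
from pathlib import Path

# Server-side executable extensions. Which of these the server actually runs
# depends on its handler configuration (assumption: typical mod_php / php-fpm).
EXECUTABLE_EXTS = {"php", "php3", "php4", "php5", "php7", "php8",
                   "phtml", "phar", "phps", "pht"}
# Per-directory server config files an attacker drops to re-enable execution.
CONFIG_OVERRIDES = {".htaccess", ".user.ini"}
# PHP open tag, matched against the first bytes of any non-executable file.
PHP_OPEN_TAG = re.compile(rb"<\?(?:php\b|=)", re.IGNORECASE)

# Affected range from the advisory: 7.0.0 through 7.0.10 inclusive.
VULN_FIRST, VULN_LAST = (7, 0, 0), (7, 0, 10)


def parse_version(text):
    """'7.0.10' -> (7, 0, 10); missing components are treated as 0."""
    nums = [int(n) for n in re.findall(r"\d+", text)[:3]]
    return tuple(nums + [0] * (3 - len(nums)))


def is_vulnerable_version(text):
    """True when the version string lies inside the advisory's affected range."""
    return VULN_FIRST <= parse_version(text) <= VULN_LAST


def suspicious_name(name):
    """Reason string when the file name alone is a finding, else None."""
    lower = name.lower()
    if lower in CONFIG_OVERRIDES:
        return "web server config override"
    exts = lower.split(".")[1:]          # 'shell.php.jpg' -> ['php', 'jpg']
    if not exts:
        return None
    if exts[-1] in EXECUTABLE_EXTS:
        return f"executable extension .{exts[-1]}"
    if any(e in EXECUTABLE_EXTS for e in exts[:-1]):
        return "executable extension inside a double extension"
    return None


def suspicious_content(path, limit=4096):
    """Reason string when a file with a harmless extension carries PHP code."""
    try:
        with open(path, "rb") as fh:
            head = fh.read(limit)
    except OSError:
        return "unreadable file"
    if PHP_OPEN_TAG.search(head):
        return "PHP open tag inside a non-executable extension"
    return None


def scan_uploads(root):
    """Walk an uploads tree and return sorted (relative_path, reason) findings."""
    root = Path(root)
    findings = []
    for path in root.rglob("*"):
        if not path.is_file():
            continue
        reason = suspicious_name(path.name) or suspicious_content(path)
        if reason:
            findings.append((path.relative_to(root).as_posix(), reason))
    return sorted(findings)


def build_sample_tree():
    """Constructed sample tree (not real data): one benign image, one obvious
    web shell, one double-extension upload, one image that is really PHP, and
    a dropped .htaccess. Returns the temporary root directory."""
    root = Path(tempfile.mkdtemp(prefix="uploads-"))
    month = root / "2026" / "05"
    month.mkdir(parents=True)
    (month / "hero.jpg").write_bytes(b"\xff\xd8\xff\xe0" + b"\x00" * 64)
    (month / "shell.php").write_bytes(b"<?php system($_GET['c']); ?>")
    (month / "photo.php.jpg").write_bytes(b"<?php echo 1; ?>")
    (month / "banner.png").write_bytes(b"\x89PNG\r\n\x1a\n<?php eval($_POST['x']); ?>")
    (month / ".htaccess").write_bytes(b"AddType application/x-httpd-php .jpg\n")
    return root


if __name__ == "__main__":
    for rel, why in scan_uploads(build_sample_tree()):
        print(f"{rel}: {why}")
    for v in ("6.7.36", "7.0.0", "7.0.10", "7.0.11"):
        print(v, "vulnerable" if is_vulnerable_version(v) else "not in affected range")
```

Point scan_uploads at the real wp-content/uploads directory (and any other directory the plugin writes to) and treat every finding as an incident lead, not proof on its own: a double-extension file is only exploitable if the server's handler mapping executes it, which is exactly what the .htaccess finding would change.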

Advisories

No advisories yet.

History

Thu, 07 May 2026 14:15:00 +0000

Type: Metrics (ssvc)
Values removed: (none)
Values added: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 07 May 2026 06:45:00 +0000

Type: First Time appeared
Values removed: (none)
Values added: Revolution Slider; Revolution Slider slider Revolution; Wordpress; Wordpress wordpress
Type: Vendors & Products
Values removed: (none)
Values added: Revolution Slider; Revolution Slider slider Revolution; Wordpress; Wordpress wordpress

Thu, 07 May 2026 05:30:00 +0000

Type: Description
Values added: The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7.0.0 to 7.0.10 via the '_get_media_url' and '_check_file_path' function. This is due to insufficient file type validation. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload files that may be executable, which makes remote code execution possible. The vulnerability was partially patched in version 7.0.10 and fully patched in version 7.0.11.
Type: Title
Values added: Slider Revolution 7.0.0 - 7.0.10 - Authenticated (Subscriber+) Arbitrary File Upload via _get_media_url
Type: Weaknesses
Values added: CWE-434
Type: References
Values added: (none listed)
Type: Metrics (cvssV3_1)
Values added: {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-05-07T13:00:27.657Z

Reserved: 2026-04-20T16:22:26.339Z

Link: CVE-2026-6692

Vulnrichment

Updated: 2026-05-07T13:00:14.143Z

NVD

Status : Deferred

Published: 2026-05-07T06:16:05.410

Modified: 2026-05-07T14:00:05.650

Link: CVE-2026-6692

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-07T06:30:06Z

Weaknesses