Slider - Ultimate Responsive Image Slider < 3.5.12 - Subscriber+ Arbitrary Post Access
Description
The Slider WordPress plugin before 3.5.12 does not ensure that posts to be accessed via an AJAX action are slides and can be viewed by the user making the request, allowing any authenticated users, such as subscriber to access the content arbitrary post such as private, draft and password protected
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
The Slider WordPress plugin before 3.5.12 allows authenticated users to access arbitrary posts via an AJAX action due to missing authorization checks.
Vulnerability
The Slider – Ultimate Responsive Image Slider plugin for WordPress, versions before 3.5.12, fails to verify that a post requested via an AJAX action is a slide and that the requesting user has permission to view it. This allows any authenticated user, including subscribers, to access arbitrary posts, including private, draft, and password-protected content [1].
Exploitation
An attacker must be authenticated as a user with at least the Subscriber role. By sending a crafted AJAX request to the vulnerable endpoint with a target post ID, the attacker can retrieve the content of any post without proper authorization. No additional user interaction is required [1].
Impact
Successful exploitation leads to unauthorized disclosure of sensitive information. An attacker can read private posts, draft content, and password-protected posts, potentially exposing confidential data or internal communications [1].
Mitigation
The vulnerability is fixed in version 3.5.12 of the plugin. Users should update to this version immediately. No workarounds are documented in the available reference [1].
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
1- wpscan.com/vulnerability/1afc0e4a-f712-47d4-bf29-7719ccbbbb1bmitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.