Medium severity6.5NVD Advisory· Published Oct 9, 2025· Updated Apr 15, 2026
CVE-2025-10249
CVE-2025-10249
Description
The Slider Revolution plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions in all versions up to, and including, 6.7.37. This makes it possible for authenticated attackers, with Contributor-level access and above, to install and activate plugin add-ons, create sliders, and download arbitrary files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=6.7.37
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.