CVE-2025-23440
Description
Missing Authorization vulnerability in radicaldesigns radSLIDE radslide allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects radSLIDE: from n/a through <= 2.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A missing authorization vulnerability in the radSLIDE WordPress plugin allows unauthenticated attackers to exploit broken access controls, leading to stored XSS.
Vulnerability
Description
The radSLIDE WordPress plugin, up to and including version 2.1, contains a Missing Authorization vulnerability [1]. This is a broken access control issue: the plugin fails to check user capabilities or nonce tokens before executing certain functions, so unprivileged users can perform actions reserved for higher-privileged roles [1].
Exploitation
An attacker can exploit this flaw without authentication by sending crafted requests to the vulnerable plugin functions [1]. Because the access control is missing or incorrectly configured, the attacker can bypass the security checks and inject malicious JavaScript into the plugin's slides [1]. This class of vulnerability is often used in mass-exploitation campaigns that target thousands of WordPress sites at once [1].
Impact
Successful exploitation results in stored Cross-Site Scripting (XSS) [1]. The injected script executes in the browser of any administrator who views the affected slide, allowing the attacker to steal session cookies, create rogue admin accounts, or deface the site [1]. The CVSS v3.1 base score is 6.3 (Medium), reflecting the potential for significant but not critical impact [1].
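As an added illustration of the bug class described above (this is not radSLIDE's code; the plugin name, hook names, capability and option names are hypothetical), a WordPress AJAX slide-save handler in the vulnerable shape beside a hardened form:

```php
<?php
// Hypothetical "demo" plugin handlers. Not radSLIDE's code; all names are assumptions.

// Vulnerable shape: the action is registered for unauthenticated visitors
// (wp_ajax_nopriv_), and the handler stores caller-supplied HTML with no
// capability check, no nonce check and no sanitization. The stored slide is
// later rendered in wp-admin, so a script in the body runs in an admin's browser.
add_action( 'wp_ajax_nopriv_demo_save_slide', 'demo_save_slide_vulnerable' );
function demo_save_slide_vulnerable() {
    $slides   = get_option( 'demo_slides', array() );
    $slides[] = array( 'title' => $_POST['title'], 'body' => $_POST['body'] );
    update_option( 'demo_slides', $slides );
    wp_send_json_success();
}

// Hardened shape: only logged-in users reach the hook (no nopriv variant), the
// caller must hold a capability appropriate to the action, the request must
// carry a nonce tied to that action, and input is reduced to post-safe HTML
// before it is stored. wp_send_json_error() and check_ajax_referer() both
// terminate the request on failure, so execution never reaches the save.
add_action( 'wp_ajax_demo_save_slide', 'demo_save_slide_hardened' );
function demo_save_slide_hardened() {
    if ( ! current_user_can( 'edit_theme_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    check_ajax_referer( 'demo_save_slide', 'nonce' );

    $title = sanitize_text_field( wp_unslash( $_POST['title'] ?? '' ) );
    $body  = wp_kses_post( wp_unslash( $_POST['body'] ?? '' ) );

    $slides   = get_option( 'demo_slides', array() );
    $slides[] = array( 'title' => $title, 'body' => $body );
    update_option( 'demo_slides', $slides );
    wp_send_json_success();
}

// Output side: escape on render as well, so a value stored by an older,
// unpatched version of the handler is inert when an administrator views it.
function demo_render_slide( array $slide ) {
    return '<h2>' . esc_html( $slide['title'] ) . '</h2>'
         . '<div>' . wp_kses_post( $slide['body'] ) . '</div>';
}
```

The nonce is generated on the admin page with wp_create_nonce( 'demo_save_slide' ) and sent as the `nonce` POST field; a request lacking it, or sent by a user without the capability, is rejected before any data is written.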
Mitigation
The vendor had not released a patched version as of the disclosure date [1]. Users should update the plugin immediately if a fix becomes available; if they cannot update, they should consult their hosting provider or web developer for alternative protections [1]. The vulnerability is expected to be exploited widely [1].
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 0
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References: 1
News mentions: 0
No linked articles in our index yet.