CVE-2025-47467
Description
Missing Authorization vulnerability in GS Plugins GS Testimonial Slider gs-testimonial allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GS Testimonial Slider: from n/a through <= 3.3.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Missing authorization in GS Testimonial Slider plugin for WordPress allows unprivileged users to access higher-privileged actions, fixed in version 3.3.1.
Vulnerability
Overview
The GS Testimonial Slider plugin for WordPress (versions up to 3.3.0) contains a missing authorization vulnerability. The plugin fails to properly enforce access control checks on certain functions, allowing users with lower privileges to execute actions intended for higher-privileged roles [1]. This is a classic broken access control issue where nonce tokens or capability checks are absent.
Exploitation
An attacker who has any level of authenticated access to a WordPress site (e.g., a subscriber or contributor) can exploit this flaw to perform actions that should require administrator-level permissions. The exact attack vector depends on the specific function lacking authorization, but the vulnerability can be triggered without needing special network position or additional authentication beyond a valid user session [1].
Impact
Successful exploitation could allow an attacker to modify or delete testimonials, change plugin settings, or perform other unauthorized operations. However, the vendor and Patchstack assess this as low severity and unlikely to be exploited in mass campaigns [1]. The CVSS score of 4.3 reflects the limited impact and required privileges.
Mitigation
The vulnerability is fixed in version 3.3.1 of the plugin. Users are strongly advised to update immediately. Patchstack users can enable auto-updates for vulnerable plugins [1]. No workarounds are documented; updating is the only reliable mitigation.
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (1)
- Range: <=3.3.0
Patches (0)
No patches discovered yet.
References (1)