CVE-2025-62130
Description
Missing Authorization vulnerability in wpdiscover Accordion Slider Gallery accordion-slider-gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accordion Slider Gallery: from n/a through <= 2.7.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Missing authorization in Accordion Slider Gallery plugin (≤2.7) allows unauthenticated exploitation of access control flaws.
The Accordion Slider Gallery plugin for WordPress, versions up to and including 2.7, suffers from a missing authorization vulnerability. This flaw stems from incorrectly configured access control security levels, allowing exploitation of broken access controls [1].
Attackers can exploit this vulnerability without authentication, as the plugin fails to properly verify user permissions for certain functions. The attack surface is broad, as the plugin is widely used, and the vulnerability can be leveraged in mass-exploit campaigns targeting thousands of sites regardless of their size or popularity.
Successful exploitation enables an unprivileged user to execute higher-privileged actions, potentially leading to unauthorized data access or modification. The CVSS score of 4.3 (Medium) reflects the moderate impact, though the ease of exploitation in mass campaigns increases the risk.
Users are strongly advised to update the plugin immediately. If updating is not possible, contacting a hosting provider or web developer for assistance is recommended. No workaround details are provided in the advisory.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1- Range: <=2.7
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.