CVE-2025-6726

The Block Editor Gallery Slider plugin for WordPress, in all versions up to and including 1.1.1, suffers from a missing capability check in the classic_gallery_slider_options() function. This vulnerability enables authenticated attackers with Subscriber-level access or higher to update limited post meta for arbitrary posts without proper authorization [1].

Exploitation requires an authenticated user with at least a Subscriber role. The attacker can target any post on the site, modifying specific post meta fields that are accessible via the affected function. The attack vector is network-based and requires no special privileges beyond a basic account.

The impact is unauthorized modification of post metadata, which could be used to alter gallery slider settings or other data stored in post meta fields. While the attack only allows updating limited post meta, it can still affect the appearance or behavior of posts that use the gallery slider.

As of November 20, 2025, the plugin has been closed and is no longer available for download due to a guideline violation [1]. Users are advised to remove the plugin from their WordPress installations and seek alternative solutions.