CVE-2025-9217
Description
The Slider Revolution plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 6.7.36 via the 'used_svg' and 'used_images' parameters. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Path traversal in Slider Revolution plugin for WordPress allows authenticated contributors to read arbitrary files.
Vulnerability
Overview
The Slider Revolution plugin for WordPress is vulnerable to a Path Traversal attack in versions up to and including 6.7.36. The flaw exists in the handling of the 'used_svg' and 'used_images' parameters, allowing authenticated attackers with Contributor-level access or higher to read the contents of arbitrary files on the server [1]. This is a classic path traversal vulnerability: the user-supplied path value is not properly sanitized, so directory traversal sequences in it are honoured when the file is opened.
Exploitation
An attacker must have at least Contributor-level access to the WordPress instance, which requires authentication. The attack is performed by manipulating the 'used_svg' or 'used_images' parameters to include path traversal sequences like '../' to navigate outside the intended directory. This can expose sensitive files such as wp-config.php, which may contain database credentials and other secrets [1].
Impact
Successful exploitation allows an attacker to read arbitrary files on the server, potentially exposing sensitive information including database credentials, API keys, and other configuration data. This could lead to further compromise of the WordPress installation and connected systems [1].
Mitigation
The vulnerability has been patched in version 6.7.37 of the plugin. Users are strongly advised to update to the latest version immediately. The changelog confirms that version 6.7.37 addresses this issue [1]. No workarounds are mentioned, so updating is the recommended mitigation.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
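As an added illustration (not part of this CVE record and not the plugin's own code), the following Python shows the unsafe pattern the Overview describes beside a hardened resolver and a request-level detection check of the kind a WAF or log rule would apply. The uploads directory, file names and parameter values are constructed assumptions, not the plugin's real layout.

```python
import os
from typing import Optional
from pathlib import Path
from urllib.parse import unquote

# Constructed example base directory standing in for a WordPress uploads folder.
# Assumed path for illustration; not the plugin's real directory layout.
UPLOADS_DIR = Path("/var/www/html/wp-content/uploads")


def naive_resolve(user_path: str) -> Path:
    """The pattern behind a path traversal bug: the user-supplied value is
    joined onto the base directory and normalised, but nothing checks that
    the result is still inside the base directory."""
    return Path(os.path.normpath(UPLOADS_DIR / user_path))


def safe_resolve(user_path: str) -> Optional[Path]:
    """Resolve user_path relative to UPLOADS_DIR and return it only if the
    normalised result is still inside UPLOADS_DIR; otherwise return None."""
    if not user_path or "\x00" in user_path:
        return None
    # Reject absolute paths outright: Path(base) / "/etc/x" discards base entirely.
    if os.path.isabs(user_path):
        return None
    candidate = Path(os.path.normpath(UPLOADS_DIR / user_path))
    try:
        # relative_to raises ValueError when candidate is not under UPLOADS_DIR
        candidate.relative_to(UPLOADS_DIR)
    except ValueError:
        return None
    return candidate


def contains_traversal(value: str) -> bool:
    """Detection helper for request parameters or access logs: True if the
    (possibly percent-encoded) value contains a '..' path segment or a NUL
    byte. Decodes twice so double-encoded sequences are also caught."""
    decoded = unquote(unquote(value))
    decoded = decoded.replace("\\", "/")
    return "\x00" in decoded or any(seg == ".." for seg in decoded.split("/"))


if __name__ == "__main__":
    # Constructed sample parameter values, as they might arrive in a request.
    samples = ["2025/05/logo.svg", "../../wp-config.php", "..%2F..%2Fwp-config.php"]
    for s in samples:
        print(f"{s!r}: naive={naive_resolve(unquote(s))} "
              f"safe={safe_resolve(unquote(s))} flagged={contains_traversal(s)}")
```

The hardened resolver works on normalised strings only, so it does not follow symlinks; if the uploads tree can contain attacker-created symlinks, resolve both the base and the candidate with `Path.resolve()` before the containment check. The detection helper is deliberately loose (it flags any `..` segment, encoded or not) and is meant for alerting rather than as the sole enforcement point.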
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
News mentions
No linked articles in our index yet.