Skip to main content

Slider By Soliloquy Responsive Image Slider For Wordpress

1 CVEs product

Monthly

CVE-2026-7636 MEDIUM This Month

Sensitive information exposure in the Slider by Soliloquy WordPress plugin (versions ≤ 2.8.1) allows authenticated attackers with subscriber-level access to read draft slider content that should be restricted to administrators and editors. The flaw exists in the plugin's map_meta_cap implementation within posttype.php, where capability checks are insufficiently enforced, permitting low-privileged users to retrieve draft slider metadata including unpublished media URLs, captions, and full slider configuration details. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in CISA KEV.

Information Disclosure WordPress Slider By Soliloquy Responsive Image Slider For Wordpress
NVD
CVSS 3.1
4.3
EPSS
0.0%
EPSS 0% CVSS 4.3
MEDIUM This Month

Sensitive information exposure in the Slider by Soliloquy WordPress plugin (versions ≤ 2.8.1) allows authenticated attackers with subscriber-level access to read draft slider content that should be restricted to administrators and editors. The flaw exists in the plugin's map_meta_cap implementation within posttype.php, where capability checks are insufficiently enforced, permitting low-privileged users to retrieve draft slider metadata including unpublished media URLs, captions, and full slider configuration details. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in CISA KEV.

Information Disclosure WordPress Slider By Soliloquy Responsive Image Slider For Wordpress
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy