Responsive Accordion Slider WordPress Plugin Missing Authorization Vulnerability in Slider Update Function

Vulnerability

A vulnerability exists in the Responsive Accordion Slider plugin for WordPress, all versions through 1.2.2, allowing unauthorized data modification. The issue arises from a missing capability check in the 'resp_accordion_silder_save_images' function. This flaw enables authenticated attackers with Contributor-level access and above to alter image metadata of any slider, including titles, descriptions, alt text, and links.

Impact

Exploitation of this vulnerability allows for unauthorized modification of slider image metadata, potentially leading to misinformation or misuse of the slider's content.

Added: Jan 14, 2026, 6:22 AM

Updated: Jan 14, 2026, 6:22 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.2

exploitability

5.9

remediation

0.0

relevance

2.1

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.2

exploitability

5.9

remediation

0.0

relevance

2.1

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Responsive Accordion Slider WordPress Plugin Missing Authorization Vulnerability in Slider Update Function

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating