Primary

Context

Slider Revolution Missing Authorization Vulnerability Allowing Arbitrary Plugin Deactivation

Vulnerability

Patched

A vulnerability exists in the Slider Revolution WordPress plugin, specifically in versions 6.0.0 through 6.7.55 and 7.0.0 through 7.0.14. The issue arises from the plugin's failure to properly verify user authorization for certain actions, enabling authenticated attackers with Contributor-level access or higher to deactivate any active plugin on the site.

Impact

Exploitation of this vulnerability allows for unauthorized deactivation of active plugins, which could disrupt site functionality or remove critical features.

Remediation

Users can update to Slider Revolution version 6.7.56 or 7.0.15 to address this vulnerability.

Added: Jun 2, 2026, 12:20 AM

Updated: Jun 2, 2026, 12:20 AM

Vulnerability Rating

Custom Algorithm

spread

7.6

impact

0.6

exploitability

5.4

remediation

7.7

relevance

9.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.6

impact

0.6

exploitability

5.4

remediation

7.7

relevance

9.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Slider Revolution Missing Authorization Vulnerability Allowing Arbitrary Plugin Deactivation

Vulnerability

Impact

Remediation

Affected Products

Slider Revolution

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating