cleantalk
Vulnerabilities and Security Researches

Responsive Accordion Slider, CVE-2026-0635

CVE, Research URL

CVE-2026-0635

Home page URL

Security reports for Responsive Accordion Slider

Application

Responsive Accordion Slider

Published on
Jan 14, 2026
Research Description
The Responsive Accordion Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'resp_accordion_silder_save_images' function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with Contributor-level access and above, to modify any slider's image metadata including titles, descriptions, alt text, and links.
Affected versions
max 1.2.2.
Status
vulnerable
Previous vulnerability researches
Post Carousel Divi (CVE-2022-4974) , Nov 15, 2024
Post Carousel Divi (9a49090552d6bf0056b51d4d41b6c1c13e395cd9) , Jun 07, 2024
New vulnerability
CodeColorer (CVE-2026-4032) , Apr 17, 2026
VI: Include Post By (CVE-2026-5717) , Apr 17, 2026
Responsive Accordion Slider (CVE-2026-0635) , Apr 17, 2026
Petje.af (CVE-2026-4002) , Apr 17, 2026
LinkedIn SC (CVE-2026-0812) , Apr 17, 2026