cleantalk
Vulnerabilities and Security Researches

B Slider – Slider for your block editor, CVE-2025-8680

CVE, Research URL

CVE-2025-8680

Home page URL

Security reports for B Slider – Slider for your block editor

Application

B Slider – Slider for your block editor

Published on
Aug 15, 2025
Research Description
The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Server-Side Request Forgery in version less than, or equal to, 2.0.0 via the fs_api_request function. This makes it possible for authenticated attackers, with subscriber-level access and above to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal services.
Affected versions
Min -, max 2.0.1.
Status
vulnerable
Previous vulnerability researches
Snow Storm (b9155ea27a956bb6aecadd924fc7ba8cfeaf37c3) , Mar 22, 2025
Snow Storm (CVE-2025-30858) , Apr 05, 2025
New vulnerability
Inspectlet – User Session Recording and Heatmaps (CVE-2025-49048) , Aug 16, 2025
B Slider – Slider for your block editor (CVE-2025-8676) , Aug 16, 2025
B Slider – Slider for your block editor (CVE-2025-8680) , Aug 16, 2025
Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress (CVE-2025-55708) , Aug 16, 2025
WP Voting (CVE-2025-49057) , Aug 16, 2025