cleantalk
Vulnerabilities and Security Researches

WP Featured Content and Slider, deb685ef98e2416e44ec11d0a7e66dbb81ca65cf

CVE, Research URL

deb685ef98e2416e44ec11d0a7e66dbb81ca65cf

Home page URL

Security reports for WP Featured Content and Slider

Application

WP Featured Content and Slider

Published on
Nov 09, 2023
Research Description
WP Featured Content and Slider [wp-featured-content-and-slider] < 1.7 WordPress WP Featured Content and Slider Plugin <= 1.5 is vulnerable to Broken Access Control No patched version is available. Abdi Pranata discovered and reported this Broken Access Control vulnerability in WordPress WP Featured Content and Slider Plugin. A broken access control issue refers to a missing authorization, authentication or nonce token check in a function that could lead to an unprivileged user to executing a certain higher privileged action. This vulnerability has not been known to be fixed yet.
Affected versions
max 1.7.
Status
vulnerable
Previous vulnerability researches
WP Featured Content and Slider (deb685ef98e2416e44ec11d0a7e66dbb81ca65cf) , Jun 07, 2024
WP Featured Content and Slider (CVE-2026-6443) , Apr 23, 2026
New vulnerability
AutomatorWP &#8211; The #1 automator plugin for no-code automation in WordPress (CVE-2025-9539) , Apr 23, 2026
ExactMetrics &#8211; Google Analytics Dashboard for WordPress (Website Stats Plugin) (CVE-2026-5464) , Apr 23, 2026
Kcaptcha (CVE-2026-4121) , Apr 23, 2026
mCatFilter (CVE-2026-4139) , Apr 23, 2026
Short Comment Filter (CVE-2026-3362) , Apr 23, 2026