ResolvedSlider Revolution security vulnerability

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #38104
    aanrae
    Participant

    The current Zass plugin includes Slider Revolution 6.6.15.
    The Slider Revolution plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 6.6.15. This makes it possible for attackers with author-level access and higher to upload arbitrary files on the affected site’s server which may make remote code execution possible.

    CVE CVE-2023-47784
    CVSS 7.2 (High)

    Do you know when the plugin will be updated? The current version is 6.6.18.

    #38111
    Alex
    Keymaster

    Hello aanrae,

    There is new version released from yesterday (20th November 2023) with all bundled plugins updated.

    Regards,
    Alex

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in and have valid license to reply to this topic.

License required for the following item
Login and Registration Log in · Register