CVE-2025-9217

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Slider Revolution versions prior to 6.7.37

Description The Slider Revolution plugin for WordPress is susceptible to a path traversal issue in versions up to and including 6.7.36. This allows authenticated attackers with Contributor-level access or higher to read arbitrary files on the server through the used svg and used images parameters. This can potentially expose sensitive information.

Recommendations Update Slider Revolution to version 6.7.37 or later.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2025-9217

Affected Products

Slider Revolution

CVE-2025-9217

Weakness Enumeration

Related Identifiers

Affected Products

References · 7