Name of the Vulnerable Software and Affected Versions:

Slider Revolution versions prior to 6.7.37

Description:

The Slider Revolution plugin for WordPress is susceptible to a path traversal issue in versions up to and including 6.7.36. This allows authenticated attackers with Contributor-level access or higher to read arbitrary files on the server through the `used svg` and `used images` parameters. This can potentially expose sensitive information.

Recommendations:

Update Slider Revolution to version 6.7.37 or later.