Vulnerabilities > CVE-2023-41848 - Missing Authorization vulnerability in Majeedraza Carousel Slider

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

majeedraza

CWE-862

NVD

Published: 2024-12-13

Updated: 2025-04-10

Summary

Missing Authorization vulnerability in Majeed Raza Carousel Slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Carousel Slider: from n/a through 2.2.2.

Vulnerable Configurations

Part	Description	Count
Application	Majeedraza Majeedraza Carousel Slider - Majeedraza Carousel Slider 2.0 Majeedraza Carousel Slider 2.2.0 Majeedraza Carousel Slider 2.2.1 Majeedraza Carousel Slider 2.2.2	5

Common Weakness Enumeration (CWE)

CWE-862 - Missing Authorization

References

https://patchstack.com/database/wordpress/plugin/carousel-slider/vulnerability/wordpress-carousel-slider-plugin-2-2-2-broken-access-control-vulnerability?_s_id=cve