Vulnerabilities > CVE-2025-48334 - Missing Authorization vulnerability in Binarycarpenter WOO Slider PRO

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

binarycarpenter

CWE-862

NVD

Published: 2025-05-30

Updated: 2025-06-04

Summary

Missing Authorization vulnerability in BinaryCarpenter Woo Slider Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Woo Slider Pro: from n/a through 1.12. Affected action "woo_slide_pro_delete_slider".

Vulnerable Configurations

Part	Description	Count
Application	Binarycarpenter Binarycarpenter WOO Slider PRO *	1

Common Weakness Enumeration (CWE)

CWE-862 - Missing Authorization

References

https://patchstack.com/database/wordpress/plugin/woo-slider-pro-drag-drop-slider-builder-for-woocommerce/vulnerability/wordpress-woo-slider-pro-1-12-arbitrary-content-deletion-vulnerability?_s_id=cve