Vulnerabilities > Radiustheme > Logo Slider AND Showcase

DATE CVE VULNERABILITY TITLE RISK
2021-11-01 CVE-2021-24742 Incorrect Authorization vulnerability in Radiustheme Logo Slider and Showcase
The Logo Slider and Showcase WordPress plugin before 1.3.37 allows Editor users to update the plugin's settings via the rtWLSSettings AJAX action because it uses a nonce for authorisation instead of a capability check.
network
low complexity
radiustheme CWE-863
4.0