Slider Revolution < 6.7.37 – Authenticated (Contributor+) Arbitrary File Read via 'used_svg' and 'used_images' | CVE 2025-9217 | Plugin Vulnerabilities

Description

The Slider Revolution plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 6.7.36 via the 'used_svg' and 'used_images' parameters. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.

Affects Plugins

Fixed in 6.7.37

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/ea49df40-e58f-4e20-8e48-ed0f9a1b94ca

Classification

Type

LFI

OWASP top 10

CWE

CVSS

Miscellaneous

Original Researcher

stealthcopter

Verified

No

WPVDB ID

25b1c8f2-117f-448b-9a95-790db3422d6e

Timeline

Publicly Published

2025-08-28 (about 8 months ago)

Added

2025-08-28 (about 8 months ago)

Last Updated

2025-08-29 (about 8 months ago)

Other

Published

Title

Published

2024-10-29

Title

Woocommerce Product Design <= 1.0.0 - Unauthenticated Arbitrary File Download

Published

2024-11-11

Title

CYAN Backup < 2.5.4 - Authenticated (Admin+) Arbitrary File Download

Published

2022-11-28

Title

InPost Gallery < 2.1.4.1 - Unauthenticated LFI to RCE

Published

2025-04-03

Title

Category Icon < 1.0.2 - Author+ Arbitrary File Download

Published

2024-10-14

Title

WordPress Gallery Plugin – Limb Image Gallery <= 1.5.7 - Authenticated (Subscriber+) Arbitrary File Download