CVE-2025-23440

UNKNOWN 0.0

WordPress radSLIDE plugin <= 2.1 - Broken Access Control to Stored Cross-Site Scripting vulnerability

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Missing Authorization vulnerability in radicaldesigns radSLIDE radslide allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects radSLIDE: from n/a through <= 2.1.

CWE	CWE-862
Vendor	radicaldesigns
Product	radslide
Published	Mar 3, 2025
Last Updated	Apr 1, 2026

Stay Ahead of the Next One

Get instant alerts for radicaldesigns radslide

Be the first to know when new unknown vulnerabilities affecting radicaldesigns radslide are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

radicaldesigns / radSLIDE

0 ≤ 2.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

patchstack.com: https://patchstack.com/database/Wordpress/Plugin/radslide/vulnerability/wordpress-radslide-plugin-2-1-broken-access-control-to-stored-cross-site-scripting-vulnerability?_s_id=cve

Credits

SOPROBRO | Patchstack Bug Bounty Program