Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.5
PickPlugins Testimonial Slider allows unauthorized access to sensitive data
CVE-2025-68000
Summary
The Testimonial Slider plugin for WordPress has a vulnerability that allows attackers to access sensitive data if access control settings are not properly configured. This affects versions up to 2.0.15, so you should update to a newer version to fix the issue.
Original title
Missing Authorization vulnerability in PickPlugins Testimonial Slider testimonial allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Testimonial Slider: from...
Original description
Missing Authorization vulnerability in PickPlugins Testimonial Slider testimonial allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Testimonial Slider: from n/a through <= 2.0.15.
nvd CVSS3.1
6.5
Vulnerability type
CWE-862
Missing Authorization
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026