Vulnerability Description
The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Sensitive Information Exposure in versions less than, or equal to, 2.0.0 via the get_active_plugins function. This makes it possible for authenticated attackers, with subscriber-level access and above to extract sensitive data including installed plugin information.
CVSS Score
MEDIUM
Related Weaknesses (CWE)
References
- https://plugins.trac.wordpress.org/browser/b-slider/tags/1.1.30/adminMenu.php#L8
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old
- https://www.wordfence.com/threat-intel/vulnerabilities/id/c19b24ef-cf49-4a5c-a18
FAQ
What is CVE-2025-8676?
CVE-2025-8676 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Sensitive Information Exposure in versions less than, or equal to, 2.0.0 via the get_active_plugins function. This mak...
How severe is CVE-2025-8676?
CVE-2025-8676 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-8676?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.