The Responsive Accordion Slider plugin for WordPress, developed by techknowprime, contains a vulnerability identified as CVE-2026-0635, classified under CWE-862 (Missing Authorization). This vulnerability arises from the absence of a capability check in the 'resp_accordion_silder_save_images' function, which is responsible for saving image metadata related to sliders. All versions up to and including 1.2.2 are affected. An authenticated attacker with at least Contributor-level privileges can exploit this flaw to modify any slider's image metadata, including titles, descriptions, alt text, and hyperlinks, without proper authorization. Since Contributor-level users typically have permissions to submit and edit their own posts but not to modify plugin settings or other users' content, this vulnerability elevates their ability to alter slider content beyond intended limits. The attack vector is network-based and does not require user interaction, making it relatively straightforward to exploit once authenticated. However, the vulnerability does not allow for data disclosure or denial of service, limiting its impact to integrity violations of website content. No patches or fixes have been published at the time of disclosure, and no active exploitation has been reported. The vulnerability has a CVSS v3.1 base score of 4.3, reflecting its medium severity. The issue highlights the importance of implementing proper authorization checks in WordPress plugins to prevent privilege escalation and unauthorized content modification.

This vulnerability primarily impacts the integrity of website content managed via the Responsive Accordion Slider plugin. Unauthorized modification of slider image metadata can lead to misleading or malicious content being displayed, such as altered image descriptions or links redirecting users to malicious sites. This can damage brand reputation, reduce user trust, and potentially facilitate phishing or social engineering attacks. Since the vulnerability requires Contributor-level access, attackers must first compromise or gain such credentials, which may be easier in environments with weak user management or credential hygiene. The lack of impact on confidentiality or availability limits the scope of damage, but integrity violations can still have significant business consequences, especially for organizations relying heavily on their web presence for marketing or customer engagement. The absence of known exploits reduces immediate risk, but the vulnerability remains a concern until patched. Organizations with multiple contributors or open registration policies are at higher risk. The vulnerability could also be leveraged as part of a broader attack chain, where content manipulation serves as a vector for further compromise or social engineering.

To mitigate this vulnerability, organizations should immediately review and restrict Contributor-level access to trusted users only, minimizing the risk of unauthorized exploitation. Implement strict user role management and monitor user activities related to content modification. Until an official patch is released, consider disabling or replacing the Responsive Accordion Slider plugin if feasible. Employ web application firewalls (WAFs) with custom rules to detect and block unauthorized attempts to invoke the 'resp_accordion_silder_save_images' function. Regularly audit website content for unexpected changes in slider images, metadata, and links. Encourage plugin developers or maintainers to release a patch that adds proper capability checks to the vulnerable function. Additionally, enforce strong authentication mechanisms such as multi-factor authentication (MFA) for all users with Contributor-level or higher privileges to reduce the risk of credential compromise. Maintain up-to-date backups of website content to enable quick restoration if unauthorized modifications occur.