CVE-2020-36729

MEDIUM

2J-SlideShow Plugin <1.3.31 - Auth Bypass

Title source: llm

Description

The 2J-SlideShow Plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the 'twoj_slideshow_setup' function called via the wp_ajax_twoj_slideshow_setup AJAX action in versions up to, and including, 1.3.31. This makes it possible for authenticated attackers (Subscriber, or above level access) to allow attackers to perform otherwise restricted actions and subsequently deactivate any plugins on the blog.

References (4)

Core 4

Core References

Exploit

https://blog.nintechnet.com/wordpress-2j-slideshow-plugin-fixed-authenticated-arbitrary-plugin-deactivation-vulnerability/

Patch

https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2226528%402j-slideshow&new=2226528%402j-slideshow&sfp_email=&sfph_mail=

Third Party Advisory

https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-images-slideshow-by-2j-image-slider-security-bypass-1-3-31/

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/f06d1b9e-e27d-4c43-a69b-7641518e4615?source=cve

Scores

CVSS v3 5.4

EPSS 0.0072

EPSS Percentile 48.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-285 CWE-862

Status published

Products (2)

2j-slideshow/Slideshow, Image Slider by 2J < 1.3.31

2joomla/2j_slideshow < 1.3.31

Published Jun 07, 2023

Tracked Since Feb 18, 2026