CVE-2025-68009
WordPress Slider Templates plugin <= 1.0.3 - Broken Access Control vulnerabilityMissing Authorization vulnerability in Codeless Slider Templates slider-templates allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Slider Templates: from n/a through <= 1.0.3.
We have discovered 400 live websites that are affected by CVE-2025-68009.
Affected Software
| Product |  Slider Templates |
| Category | Wordpress Plugins |
| Vulnerable Domains | 400 live websites (100% of Slider Templates install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 3 versions ( 100% of all versions) |
Details
- Published - Jan 22, 2026
- Updated - Jan 28, 2026
Credits
- Nabil Irawan | Patchstack Bug Bounty Program (finder)
CVE References
Website Distribution by Country
Number of websites using CVE-2025-68009 United States | 94 websites |
 Germany | 48 websites |
 Netherlands | 32 websites |
 Italy | 28 websites |
 GB | 23 websites |
 France | 20 websites |
 Denmark | 11 websites |
 Spain | 10 websites |
 Australia | 10 websites |
 Canada | 10 websites |
Website Distribution by TLD
Number of websites using CVE-2025-68009| .com | 151 websites |
| .de | 27 websites |
| .nl | 26 websites |
| .it | 22 websites |
| .org | 14 websites |
| .co.uk | 12 websites |
| .fr | 11 websites |
| .at | 8 websites |
| .be | 8 websites |
| .es | 7 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2025-68009
Top websites that are affected by CVE-2025-68009. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| **********.com | GB | *,***,*** | |
| **********.com |  Singapore | *,***,*** | |
| ********.fr | France | *,***,*** | |
| ******************.com | United States | *,***,*** | |
| *********.nl | Netherlands | *,***,*** | |
| ******.com | United States | *,***,*** | |
| ***********.com | United States | *,***,*** | |
| ********.**.uk | GB | *,***,*** | |
| *************.com | United States | *,***,*** | |
| *****.com |  Hong Kong | *,***,*** |
FAQ
A total of 400 websites have been identified as vulnerable to CVE-2025-68009, based on global website indexing conducted by WebTechSurvey.
The Slider Templates is affected by the CVE-2025-68009 vulnerability.
Slider Templates versions up to and including 1.0.3 are vulnerable to CVE-2025-68009.