CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-3863

The Post Carousel Slider for Elementor plugin for WordPress is vulnerable to improper authorization due to a missing capability check on the process_wbelps_promo_form() function in all versions up to, and including, 1.6.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to trigger the plugin’s support‐form handler to send arbitrary emails to the site’s support address.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 6.7%

CVSS Severity

CVSS v3 Score 4.3

References

Products affected by CVE-2025-3863

Plugin-Devs » Post Carousel Slider For Elementor » Version: 0.9.0

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:0.9.0
Plugin-Devs » Post Carousel Slider For Elementor » Version: 0.9.1

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:0.9.1
Plugin-Devs » Post Carousel Slider For Elementor » Version: 0.9.2

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:0.9.2
Plugin-Devs » Post Carousel Slider For Elementor » Version: 0.9.3

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:0.9.3
Plugin-Devs » Post Carousel Slider For Elementor » Version: 0.9.4

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:0.9.4
Plugin-Devs » Post Carousel Slider For Elementor » Version: 0.9.5

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:0.9.5
Plugin-Devs » Post Carousel Slider For Elementor » Version: 1.0.0

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:1.0.0
Plugin-Devs » Post Carousel Slider For Elementor » Version: 1.0.1

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:1.0.1
Plugin-Devs » Post Carousel Slider For Elementor » Version: 1.0.2

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:1.0.2
Plugin-Devs » Post Carousel Slider For Elementor » Version: 1.1.0

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:1.1.0
Plugin-Devs » Post Carousel Slider For Elementor » Version: 1.1.1

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:1.1.1
Plugin-Devs » Post Carousel Slider For Elementor » Version: 1.1.2

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:1.1.2
Plugin-Devs » Post Carousel Slider For Elementor » Version: 1.1.3

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:1.1.3
Plugin-Devs » Post Carousel Slider For Elementor » Version: 1.1.4

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:1.1.4
Plugin-Devs » Post Carousel Slider For Elementor » Version: 1.1.5

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:1.1.5
Plugin-Devs » Post Carousel Slider For Elementor » Version: 1.2.0

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:1.2.0
Plugin-Devs » Post Carousel Slider For Elementor » Version: 1.3.0

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:1.3.0
Plugin-Devs » Post Carousel Slider For Elementor » Version: 1.3.1

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:1.3.1
Plugin-Devs » Post Carousel Slider For Elementor » Version: 1.3.2

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:1.3.2
Plugin-Devs » Post Carousel Slider For Elementor » Version: 1.4.0

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:1.4.0
Plugin-Devs » Post Carousel Slider For Elementor » Version: 1.5.0

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:1.5.0
Plugin-Devs » Post Carousel Slider For Elementor » Version: 1.6.0

cpe:2.3:a:plugin-devs:post_carousel_slider_for_elementor:1.6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-3863

Products

Pricing

Contact Us