Nextendweb Smart Slider 3
4 CVEs affecting Nextendweb Smart Slider 3. Latest disclosed: 2026-04-07. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-3098 | Medium | 6.5 | 2026-03-27 | The Smart Slider 3 plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.5.1.33 via the 'actionExportAll' function… |
CVE-2024-3027 | Medium | 6.4 | 2024-04-13 | The Smart Slider 3 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the upload function in all vers… |
CVE-2026-4065 | Medium | 5.4 | 2026-04-07 | The Smart Slider 3 plugin for WordPress is vulnerable to unauthorized access and modification of data due to missing capability checks on multiple wp_ajax_smar… |
CVE-2025-6348 | Medium | 4.9 | 2025-07-30 | The Smart Slider 3 plugin for WordPress is vulnerable to time-based SQL Injection via the ‘sliderid’ parameter in all versions up to, and including, 3.5.1.28 d… |