Description
The Smart Slider 3 plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.5.1.33 via the 'actionExportAll' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
Published: 2026-03-27
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Possibility to read arbitrary files on the server by any authenticated user with a Subscriber role or higher
Action: Immediate Patch
AI Analysis

Impact

The Smart Slider 3 plugin has a flaw in the actionExportAll function that allows an attacker who can log into the WordPress site with a role of Subscriber or higher to read any file on the server through a crafted request. The vulnerability is an arbitrary file read whose root cause is classified as CWE-862 (Missing Authorization): the export action is reachable by users who should not be permitted to invoke it. Once exploited, the attacker can obtain sensitive data, configuration files, or credentials stored on the server, compromising confidentiality. Because the only precondition is a legitimate low-privilege account, the risk is high for sites with many authenticated users.

Affected Systems

This issue affects all installations of the nextendweb Smart Slider 3 plugin version 3.5.1.33 and earlier, regardless of the WordPress core version. Any WordPress website using a vulnerable plugin version is at risk until the component is updated.

Risk and Exploitability

The CVSS 3.1 base score of 6.5 (Medium) reflects a network-reachable flaw with low attack complexity that needs only low privileges and no user interaction, with high confidentiality impact and no integrity or availability impact. An attacker needs only an authenticated session, which many websites grant to subscribers, so exploitation is straightforward. No public exploit code appears in the public feeds, and the vulnerability is not listed in the CISA KEV catalog, but the nature of the flaw still makes it an attractive target for attackers scanning for vulnerable sites. No EPSS score was available to this analysis, so it had no publicly available estimate of exploit likelihood; the record header lists EPSS as below 1% (Very Low).

Generated by OpenCVE AI on March 27, 2026 at 06:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Smart Slider 3 to the latest version (3.5.1.34 or later) immediately
  • If an upgrade is not feasible, restrict the plugin's export functionality (the actionExportAll action) to administrator accounts, or disable the plugin entirely until it is patched
  • Ensure WordPress user accounts have the minimum necessary roles and that the Subscriber role is not granted more permissions than needed
  • Regularly review plugin versions and apply security patches as they are released
  • Monitor web server and file access logs for unexpected requests to the export action and unexpected file read attempts to detect potential exploitation

Advisories

No advisories yet.

History

Fri, 27 Mar 2026 04:00:00 +0000

Values removed: none (initial publication)

Values added:

Description: The Smart Slider 3 plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.5.1.33 via the 'actionExportAll' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.

Title: Smart Slider 3 <= 3.5.1.33 - Authenticated (Subscriber+) Arbitrary File Read via actionExportAll

Weaknesses: CWE-862

References: (no values listed)

Metrics: cvssV3_1 {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}


Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-03-27T03:37:07.618Z

Reserved: 2026-02-24T07:04:35.393Z

Link: CVE-2026-3098

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-03-27T04:16:03.570

Modified: 2026-03-27T04:16:03.570

Link: CVE-2026-3098

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-27T09:22:19Z

Weaknesses