CVE-2026-9197

EUVD-2026-34944
The Smart Slider 3 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.5.1.36 via the replaceHTMLImage function. This makes it possible for authenticated attackers, with administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
WordfenceCNA
4.9 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 41%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
nextendwebsmart_slider_3
𝑥
≤ 3.5.1.36
CNA
Common Weakness Enumeration
References
https://plugins.trac.wordpress.org/browser/smart-slider-3/trunk/Nextend/SmartSlider3/Application/Admin/Slider/ControllerSlider.php#L261
https://plugins.trac.wordpress.org/browser/smart-slider-3/trunk/Nextend/SmartSlider3/BackupSlider/ExportSlider.php#L312
https://plugins.trac.wordpress.org/browser/smart-slider-3/trunk/Nextend/SmartSlider3/BackupSlider/ExportSlider.php#L404
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3552076%40smart-slider-3&new=3552076%40smart-slider-3&sfp_email=&sfph_mail=
https://www.wordfence.com/threat-intel/vulnerabilities/id/059c2d6d-1296-4463-96ae-a95ba7dad70a?source=cve