Vulnerability Details CVE-2022-3357
The Smart Slider 3 WordPress plugin before 3.5.1.11 unserialises the content of an imported file, which could lead to PHP object injection issues when a user import (intentionally or not) a malicious file, and a suitable gadget chain is present on the site.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.131
EPSS Ranking 93.8%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2022-3357
-
cpe:2.3:a:nextendweb:smart_slider_3:3.0.37
-
cpe:2.3:a:nextendweb:smart_slider_3:3.1.10
-
cpe:2.3:a:nextendweb:smart_slider_3:3.1.6
-
cpe:2.3:a:nextendweb:smart_slider_3:3.2.10
-
cpe:2.3:a:nextendweb:smart_slider_3:3.2.12
-
cpe:2.3:a:nextendweb:smart_slider_3:3.2.13
-
cpe:2.3:a:nextendweb:smart_slider_3:3.2.14
-
cpe:2.3:a:nextendweb:smart_slider_3:3.2.4
-
cpe:2.3:a:nextendweb:smart_slider_3:3.2.5
-
cpe:2.3:a:nextendweb:smart_slider_3:3.2.6
-
cpe:2.3:a:nextendweb:smart_slider_3:3.2.8
-
cpe:2.3:a:nextendweb:smart_slider_3:3.2.9
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.1
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.10
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.11
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.12
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.13
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.15
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.18
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.2
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.20
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.21
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.22
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.23
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.24
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.25
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.26
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.27
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.28
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.3
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.4
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.6
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.7
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.8
-
cpe:2.3:a:nextendweb:smart_slider_3:3.3.9
-
cpe:2.3:a:nextendweb:smart_slider_3:3.4.1.10
-
cpe:2.3:a:nextendweb:smart_slider_3:3.4.1.11
-
cpe:2.3:a:nextendweb:smart_slider_3:3.4.1.12
-
cpe:2.3:a:nextendweb:smart_slider_3:3.4.1.13
-
cpe:2.3:a:nextendweb:smart_slider_3:3.4.1.14
-
cpe:2.3:a:nextendweb:smart_slider_3:3.4.1.15
-
cpe:2.3:a:nextendweb:smart_slider_3:3.4.1.16
-
cpe:2.3:a:nextendweb:smart_slider_3:3.4.1.17
-
cpe:2.3:a:nextendweb:smart_slider_3:3.4.1.6
-
cpe:2.3:a:nextendweb:smart_slider_3:3.4.1.7
-
cpe:2.3:a:nextendweb:smart_slider_3:3.4.1.8
-
cpe:2.3:a:nextendweb:smart_slider_3:3.4.1.9
-
cpe:2.3:a:nextendweb:smart_slider_3:3.5.0.10
-
cpe:2.3:a:nextendweb:smart_slider_3:3.5.0.11
-
cpe:2.3:a:nextendweb:smart_slider_3:3.5.0.8
-
cpe:2.3:a:nextendweb:smart_slider_3:3.5.0.9
-
cpe:2.3:a:nextendweb:smart_slider_3:3.5.1.0
-
cpe:2.3:a:nextendweb:smart_slider_3:3.5.1.1
-
cpe:2.3:a:nextendweb:smart_slider_3:3.5.1.2
-
cpe:2.3:a:nextendweb:smart_slider_3:3.5.1.3
-
cpe:2.3:a:nextendweb:smart_slider_3:3.5.1.4
-
cpe:2.3:a:nextendweb:smart_slider_3:3.5.1.7
-
cpe:2.3:a:nextendweb:smart_slider_3:3.5.1.9