CVE-2026-4065
Received Received - Intake
Unauthorized Access in Smart Slider 3 via Missing Capability Checks

Publication date: 2026-04-07

Last updated on: 2026-04-07

Assigner: Wordfence

Description
The Smart Slider 3 plugin for WordPress is vulnerable to unauthorized access and modification of data due to missing capability checks on multiple wp_ajax_smart-slider3 controller actions in all versions up to, and including, 3.5.1.33. The display_admin_ajax() method does not call checkForCap() (which requires unfiltered_html capability), and several controller actions only validate the nonce (validateToken()) without calling validatePermission(). This makes it possible for authenticated attackers, with Contributor-level access and above, to enumerate slider metadata and create, modify, and delete image storage records by obtaining the nextend_nonce exposed on post editor pages.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-07
Last Modified
2026-04-07
Generated
2026-06-16
AI Q&A
2026-04-08
EPSS Evaluated
2026-06-15
NVD
CVE-2026-4065
EUVD
EUVD-2026-19956
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
nextend smart_slider_3 to 3.5.1.33 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability exists in the Smart Slider 3 plugin for WordPress, specifically in versions up to and including 3.5.1.33. It is caused by missing capability checks on multiple wp_ajax_smart-slider3 controller actions. The display_admin_ajax() method does not perform the required checkForCap() call, which enforces the unfiltered_html capability. Additionally, several controller actions only validate the nonce token (validateToken()) but do not verify user permissions (validatePermission()).

As a result, authenticated attackers with Contributor-level access or higher can exploit this flaw to enumerate slider metadata and create, modify, or delete image storage records by using the nextend_nonce token exposed on post editor pages.

Impact Analysis

This vulnerability allows attackers with Contributor-level access or above to perform unauthorized actions within the Smart Slider 3 plugin. They can enumerate sensitive slider metadata and manipulate image storage records by creating, modifying, or deleting them without proper authorization.

Such unauthorized access and modification can lead to data integrity issues, potential content disruption on the affected WordPress site, and could be leveraged for further attacks or unauthorized content changes.

Mitigation Strategies

The vulnerability exists in all versions of the Smart Slider 3 plugin up to and including 3.5.1.33 due to missing capability checks on multiple controller actions.

Immediate mitigation steps include updating the Smart Slider 3 plugin to a version later than 3.5.1.33 where this issue is fixed.

If an update is not immediately possible, restrict Contributor-level and above user access to the plugin's functionalities and monitor for unauthorized access attempts.

Compliance Impact

The vulnerability allows authenticated attackers with Contributor-level access and above to enumerate slider metadata and create, modify, and delete image storage records due to missing capability checks. This unauthorized access and modification of data could potentially lead to violations of data protection and privacy regulations such as GDPR and HIPAA, which require strict controls over access to and modification of personal and sensitive data.

Specifically, the lack of proper permission validation may result in unauthorized disclosure or alteration of data, undermining confidentiality and integrity requirements mandated by these standards.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-4065. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart