CVE-2026-9197
Deferred Deferred - Pending Action
Directory Traversal in Smart Slider 3 WordPress Plugin

Publication date: 2026-06-06

Last updated on: 2026-06-08

Assigner: Wordfence

Description
The Smart Slider 3 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.5.1.36 via the replaceHTMLImage function. This makes it possible for authenticated attackers, with administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-06
Last Modified
2026-06-08
Generated
2026-06-27
AI Q&A
2026-06-06
EPSS Evaluated
2026-06-25
NVD
CVE-2026-9197
EUVD
EUVD-2026-34944
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
smart_slider smart_slider_3 to 3.5.1.36 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The Smart Slider 3 plugin for WordPress has a Directory Traversal vulnerability in all versions up to and including 3.5.1.36. This vulnerability exists in the replaceHTMLImage function.

It allows authenticated attackers with administrator-level access or higher to read arbitrary files on the server.

This means attackers can access files that they should not normally be able to see, potentially exposing sensitive information.

Impact Analysis

If exploited, this vulnerability can allow an attacker with administrator privileges to read sensitive files on the server.

This could lead to exposure of confidential data, such as configuration files, credentials, or other private information stored on the server.

Although the attacker needs high-level access, the impact on confidentiality is high, as indicated by the CVSS score.

Compliance Impact

The vulnerability allows authenticated attackers with administrator-level access to read arbitrary files on the server, which can contain sensitive information.

This exposure of sensitive information could potentially lead to non-compliance with data protection regulations such as GDPR and HIPAA, which require the protection of personal and sensitive data from unauthorized access.

Detection Guidance

This vulnerability affects the Smart Slider 3 plugin for WordPress versions up to and including 3.5.1.36, specifically via the replaceHTMLImage function. Detection involves verifying if your WordPress installation uses this plugin version and checking for signs of unauthorized file access attempts by authenticated users with administrator-level access.

Since the vulnerability requires authenticated administrator access to exploit, monitoring logs for suspicious administrator activity or unusual file read requests related to the plugin may help detect exploitation attempts.

There are no specific commands provided in the available resources to detect this vulnerability directly.

Mitigation Strategies

To mitigate this vulnerability, immediately update the Smart Slider 3 plugin to a version later than 3.5.1.36 where the directory traversal issue via the replaceHTMLImage function is fixed.

Additionally, restrict administrator-level access to trusted users only, and monitor for any suspicious activity involving file access through the plugin.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-9197. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart