File read flaw in Smart Slider plugin impacts 500K WordPress sites

Overview

A vulnerability in the Smart Slider 3 WordPress plugin, active on more than 800,000 websites, can be exploited to allow subscriber-level users access to arbitrary files on the server.

Organisations Involved

The following organisations are mentioned in relation to this incident: Smart Slider.

Multi-Source Coverage

This event has been reported across multiple outlets:

File read flaw in Smart Slider plugin impacts 500K WordPress sites — bleepingcomputer

Sources: bleepingcomputer. Aggregated by Cybernews Agency pipeline.

AR-ID	f36f2678-2e36-49c3-a5a7-5ea8058abf95
NEWS-ID	d4ff6832-022a-4af2-a1f4-95a4930a94c1
Article type	trending
Categories	none
Quality score	0.9170
Generation timestamp	2026-03-30 10:47 UTC
Publish timestamp	2026-03-30 10:47 UTC
Editor corrections	[{"by": "cn-editor", "note": "passed quality checks", "score": 0.917}]

File read flaw in Smart Slider plugin impacts 500K WordPress sites

TREND SUMMARY

Overview

Organisations Involved

Multi-Source Coverage

DEBUG — Testing Information