Smart Slider 3 flaw puts 800,000-plus WordPress sites at risk of sensitive file exposure

A newly disclosed vulnerability in the WordPress plugin Smart Slider 3 could let low-privilege authenticated users read sensitive files from the server, including wp-config.php in some cases. The flaw, tracked as CVE-2026-3098, affects Smart Slider 3 versions through 3.5.1.33 and has been patched in version 3.5.1.34. The issue matters because Smart Slider 3 has more […] The post Smart Slider 3 flaw puts 800,000-plus WordPress sites at risk of sensitive file exposure appeared first on VPN Central.