Vulnerabilities > CVE-2022-45845 - Deserialization of Untrusted Data vulnerability in Nextendweb Smart Slider 3

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

nextendweb

CWE-502

NVD

Published: 2024-01-19

Updated: 2024-01-25

Summary

Deserialization of Untrusted Data vulnerability in Nextend Smart Slider 3.This issue affects Smart Slider 3: from n/a through 3.5.1.9.

Vulnerable Configurations

Part	Description	Count
Application	Nextendweb Nextendweb Smart Slider 3 3.0.37 Nextendweb Smart Slider 3 3.1.6 Nextendweb Smart Slider 3 3.1.10 Nextendweb Smart Slider 3 3.2.4 Nextendweb Smart Slider 3 3.2.5 Nextendweb Smart Slider 3 3.2.6 Nextendweb Smart Slider 3 3.2.8 Nextendweb Smart Slider 3 3.2.9 Nextendweb Smart Slider 3 3.2.10 Nextendweb Smart Slider 3 3.2.12 Nextendweb Smart Slider 3 3.2.13 Nextendweb Smart Slider 3 3.2.14 Nextendweb Smart Slider 3 3.3.1 Nextendweb Smart Slider 3 3.3.2 Nextendweb Smart Slider 3 3.3.3 Nextendweb Smart Slider 3 3.3.4 Nextendweb Smart Slider 3 3.3.6 Nextendweb Smart Slider 3 3.3.7 Nextendweb Smart Slider 3 3.3.8 Nextendweb Smart Slider 3 3.3.9 Nextendweb Smart Slider 3 3.3.10 Nextendweb Smart Slider 3 3.3.11 Nextendweb Smart Slider 3 3.3.12 Nextendweb Smart Slider 3 3.3.13 Nextendweb Smart Slider 3 3.3.15 Nextendweb Smart Slider 3 3.3.18 Nextendweb Smart Slider 3 3.3.20 Nextendweb Smart Slider 3 3.3.21 Nextendweb Smart Slider 3 3.3.22 Nextendweb Smart Slider 3 3.3.23 Nextendweb Smart Slider 3 3.3.24 Nextendweb Smart Slider 3 3.3.25 Nextendweb Smart Slider 3 3.3.26 Nextendweb Smart Slider 3 3.3.27 Nextendweb Smart Slider 3 3.3.28 Nextendweb Smart Slider 3 3.4.1.6 Nextendweb Smart Slider 3 3.4.1.7 Nextendweb Smart Slider 3 3.4.1.8 Nextendweb Smart Slider 3 3.4.1.9 Nextendweb Smart Slider 3 3.4.1.10 Nextendweb Smart Slider 3 3.4.1.11 Nextendweb Smart Slider 3 3.4.1.12 Nextendweb Smart Slider 3 3.4.1.13 Nextendweb Smart Slider 3 3.4.1.14 Nextendweb Smart Slider 3 3.4.1.15 Nextendweb Smart Slider 3 3.4.1.16 Nextendweb Smart Slider 3 3.4.1.17 Nextendweb Smart Slider 3 3.5.0.8 Nextendweb Smart Slider 3 3.5.0.9 Nextendweb Smart Slider 3 3.5.0.10 Nextendweb Smart Slider 3 3.5.0.11 Nextendweb Smart Slider 3 3.5.1.0 Nextendweb Smart Slider 3 3.5.1.1 Nextendweb Smart Slider 3 3.5.1.2 Nextendweb Smart Slider 3 3.5.1.3 Nextendweb Smart Slider 3 3.5.1.4 Nextendweb Smart Slider 3 3.5.1.7 Nextendweb Smart Slider 3 3.5.1.9	58

Common Weakness Enumeration (CWE)

CWE-502 - Deserialization of Untrusted Data

References

https://patchstack.com/database/vulnerability/smart-slider-3/wordpress-smart-slider-3-plugin-3-5-1-9-auth-php-object-injection-vulnerability?_s_id=cve