Update the WordPress Smart Slider 3 plugin to the latest available version (at least 126.96.36.199).
Dave Jong discovered and reported this PHP Object Injection vulnerability in WordPress Smart Slider 3 Plugin. This could allow a malicious actor to execute code injection, SQL injection, path traversal, denial of service, and more. This could allow a malicious actor to take-over a website. This vulnerability has been fixed in version 188.8.131.52.
Auth. Stored CrossSite Scripting (XSS) vulnerability
PHP Object Injection vulnerability
Authenticated Stored CrossSite Scripting (XSS) vulnerability