CVE-2022-3357

Name of the Vulnerable Software and Affected Versions Smart Slider 3 versions prior to 3.5.1.11

Description The issue arises from the unserialization of the content of an imported file, potentially leading to PHP object injection issues if a malicious file is imported and a suitable gadget chain is present on the site.

Recommendations For versions prior to 3.5.1.11, update to version 3.5.1.11 or later to resolve the issue. As a temporary workaround, consider restricting the import functionality to trusted users and files until the update is applied.