Name of the Vulnerable Software and Affected Versions:
Smart Slider 3 versions prior to 3.5.1.29
Description:
The Smart Slider 3 plugin for WordPress is vulnerable to time-based SQL Injection via the `sliderid` parameter. Insufficient escaping of user-supplied parameters and inadequate preparation of existing SQL queries allow authenticated attackers with Administrator-level access or higher to append additional SQL queries to existing ones, potentially extracting sensitive information from the database.
Recommendations:
Update Smart Slider 3 to version 3.5.1.29 or later.
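To review web access logs for non-numeric input to the `sliderid` parameter named in the description, the following added example (not code from the plugin or from this advisory) flags such requests. It assumes that a legitimate `sliderid` is a plain decimal integer and that logs use the combined format; the sample lines, including the `page=example` path, are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumption: a legitimate sliderid is a plain decimal integer.
VALID_ID = re.compile(r"[0-9]{1,10}")
# Request target inside a combined-format access log line.
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[0-9.]+"')

# Constructed sample lines (not taken from a real server).
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jan/2024:10:00:00 +0000] '
    '"GET /wp-admin/admin.php?page=example&sliderid=12 HTTP/1.1" 200 5120',
    '203.0.113.5 - - [01/Jan/2024:10:00:09 +0000] '
    '"GET /wp-admin/admin.php?page=example&sliderid=12%20AND%20SLEEP(5) HTTP/1.1" 200 5120',
    '203.0.113.5 - - [01/Jan/2024:10:00:20 +0000] '
    '"GET /wp-admin/admin.php?page=example&sliderid=3&sliderid=3%2B1 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Jan/2024:10:01:00 +0000] '
    '"POST /wp-admin/admin-ajax.php HTTP/1.1" 200 310',
]


def suspicious_sliderid(lines):
    """Return (line_number, decoded_value) for every non-integer sliderid."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST.search(line)
        if not match:
            continue  # not a request line we can parse
        query = urlsplit(match.group(1)).query
        # parse_qsl percent-decodes values and keeps repeated parameters,
        # so a clean first value cannot hide a later malformed one.
        for key, value in parse_qsl(query, keep_blank_values=True):
            if key == "sliderid" and not VALID_ID.fullmatch(value):
                hits.append((number, value))
    return hits


if __name__ == "__main__":
    for number, value in suspicious_sliderid(SAMPLE_LOG):
        print(f"line {number}: sliderid={value!r}")
```

Parameters sent in a POST body do not appear in access logs, so this check covers query-string requests only.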