CVE-2026-38904: Smart Slider 3 Pro Plugin

CVSSawaiting NVD

ExploitationNo exploitation reported

Triage statusUnder Review

ActionSchedule for next cycle

Affected product

Smart Slider 3 Pro Plugin

Remediation Steps

Immediately update Smart Slider 3 Pro to version 3.5.1.36 or later (skip compromised 3.5.1.35)
Scan all affected WordPress/Joomla sites for backdoor persistence mechanisms
Change all administrative credentials for affected CMS instances
Review server access logs for unauthorized administrative activity
Consider temporary disabling of the plugin pending forensic review

References

https://www.patchstack.com/articles/smart-slider-3-pro-backdoor
https://nextendweb.com/
https://nvd.nist.gov/vuln/detail/CVE-2026-38904

Coverage on defend.network

Vulnerability Priority Report – Week 2 of April 2026 (April 13 – 19)

🤖 This CVE page is generated by defend.network from NVD, CISA KEV, EPSS, and our verified daily briefings. Severity and exploitation data come from official sources; always verify remediation steps against the official vendor advisory before acting in production.

Affected product

Remediation Steps

References

Coverage on defend.network

Get Critical CVE Alerts