CVE-2022-45843 MEDIUM

CVE-2022-45843: WordPress Smart Slider 3 Plugin <= 3.5.1.9 is vulnerable to Cross Site Scripting (XSS)

Vendor Nextend
Product Smart Slider 3
Weakness CWE-79 · XSS
Published March 23, 2023
Last update April 28, 2026
View on NVD All CVEs

CVSS base score

5.4/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

What the vulnerability does

01Description

Auth. (contributor+) Stored Cross-Site Scripting vulnerability in Nextend Smart Slider 3 plugin <= 3.5.1.9 versions.

Key dates

02Disclosure timeline

March 23, 2023 CVE published
April 28, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2022-37412 WordPress Better Delete Revision plugin <= 1.6.1 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability CVE-2023-1117 Cross-site Scripting (XSS) - Stored in pimcore/pimcore CVE-2024-13380 Alex Reservations: Smart Restaurant Booking <= 2.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2024-23516 WordPress CC BMI Calculator Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS) CVE-2023-20141 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities