โ† Back to Blog
Vulnerability Breach Patches 8 min read March 29, 2026 โ€” Evening Edition

Smart Slider WordPress CVE Hits 500K Sites, TP-Link & Cisco IOS Patch Critical Flaws, BIND DNS Memory Leak, Hightower 130K Breach, OpenAI Safety Bug Bounty

A critical arbitrary file read vulnerability in the Smart Slider 3 WordPress plugin leaves over 500,000 websites exposed. TP-Link patches authentication bypass and command injection flaws in routers. Cisco releases multi-vulnerability IOS fix covering DoS, secure boot bypass, and privilege escalation. BIND DNS resolvers face memory exhaustion via crafted domains. Hightower Holding discloses breach affecting 130,000 individuals. OpenAI expands its bug bounty to cover AI safety and abuse risks.


๐Ÿ”Œ CVE-2026-3098: Smart Slider 3 WordPress Plugin Exposes 500K+ Sites to Arbitrary File Read

โš ๏ธ Critical WordPress Vulnerability โ€” Patch Now

Any authenticated user (including subscribers) can read arbitrary server files โ€” including wp-config.php with database credentials, keys, and salts. Over 500,000 sites are still running vulnerable versions.

Security researcher Dmitrii Ignatyev has disclosed a serious vulnerability in Smart Slider 3, one of WordPress's most popular slider plugins with over 800,000 active installations. Tracked as CVE-2026-3098, the flaw allows any authenticated user โ€” even those with the lowest subscriber role โ€” to read arbitrary files from the web server.

Root Cause

The vulnerability stems from missing capability checks in the plugin's AJAX export actions. The actionExportAll function lacks file type and source validation, meaning that not only image or video files can be exported โ€” .php files can be read as well.

While a nonce is present, it does not prevent abuse because any authenticated user can obtain it. As Wordfence researcher Istvรกn Mรกrton explained:

"This ultimately makes it possible for authenticated attackers with minimal access, like subscribers, to read any arbitrary file on the server, including the site's wp-config.php file, which contains the database credentials as well as keys and salts for cryptographic security."

Timeline & Patch

The vulnerability is not yet flagged as actively exploited, but given the low barrier (subscriber-level access) and high value of exposed data (database credentials), exploitation is expected imminently.

Defender Action: Update Smart Slider 3 to version 3.5.1.34 immediately. If you cannot patch right away, disable the plugin. Audit your site for unauthorized subscriber accounts. Rotate database credentials and WordPress salts if you suspect compromise. Review server logs for anomalous export requests.


๐Ÿ“ก TP-Link Patches High-Severity Router Vulnerabilities

๐Ÿ”ถ Router Security โ€” Consumer & SMB Impact

Multiple high-severity flaws in TP-Link routers allow authentication bypass, arbitrary command execution, and configuration file decryption. Firmware updates are available.

TP-Link has released firmware updates addressing multiple high-severity vulnerabilities across its router product line. The security defects could be chained by attackers to achieve complete router compromise without valid credentials.

Vulnerability Classes

These vulnerabilities are particularly dangerous because home and SMB routers are often internet-facing, rarely updated, and provide a strategic foothold for lateral movement into internal networks.

Defender Action: Check your TP-Link router model against the vendor's security advisory and update firmware immediately. Disable remote management if not needed. Change default admin credentials. Consider network segmentation to limit router compromise blast radius.


๐ŸŒ Cisco Patches Multiple IOS Software Vulnerabilities

Cisco has released a batch of security patches for its IOS and IOS XE software addressing multiple high- and medium-severity vulnerabilities. The flaws collectively cover a wide range of attack surfaces in enterprise networking equipment.

Impact Severity Description
Denial of Service High Crafted packets can crash routing processes, causing network outages
Secure Boot Bypass High Attackers can bypass secure boot protections, enabling persistent firmware-level implants
Information Disclosure Medium Sensitive configuration data and internal state information leakage
Privilege Escalation Medium Authenticated users can elevate privileges beyond their authorization level

The secure boot bypass is particularly concerning โ€” it enables attackers who gain initial access to install persistent backdoors that survive device reboots and even firmware upgrades in some scenarios.

Defender Action: Review the Cisco IOS security advisory bundle and schedule immediate patching for internet-facing and critical infrastructure devices. Prioritize the secure boot bypass and DoS vulnerabilities. Verify device integrity using Cisco's Trustworthy Technologies verification tools.


๐Ÿ”Ž BIND DNS Resolvers Vulnerable to Memory Exhaustion Attacks

โš ๏ธ DNS Infrastructure โ€” Memory Leak Risk

Specially crafted domain queries can trigger out-of-memory conditions in BIND resolvers, leading to progressive memory leaks and eventual denial of service.

ISC has published updates for BIND 9, the most widely deployed DNS server software, patching high-severity vulnerabilities that allow remote attackers to cause memory exhaustion in DNS resolvers through specially crafted domain queries.

How It Works

The vulnerabilities exploit edge cases in BIND's domain name resolution logic. When a resolver processes certain crafted domain names, it allocates memory that is never properly freed. An attacker can send a steady stream of such queries to progressively consume all available memory on the resolver, eventually causing:

Given that BIND powers a significant portion of the internet's DNS infrastructure, these vulnerabilities have a wide blast radius. Enterprise, ISP, and government DNS resolvers are all potentially affected.

Defender Action: Update BIND to the latest patched version immediately. Monitor resolver memory usage for anomalous growth patterns. Implement rate limiting on DNS queries from individual sources. Consider deploying BIND alongside alternative resolvers for redundancy.


๐Ÿ’ผ Hightower Holding Data Breach Impacts 130,000 Individuals

Hightower Holding, a major U.S.-based wealth management firm, has disclosed a data breach affecting approximately 130,000 individuals. The company confirmed that hackers gained unauthorized access to its environment and exfiltrated sensitive personal information.

Compromised Data

This combination of PII is particularly dangerous for identity theft and financial fraud. With SSNs and driver's license numbers, attackers can open fraudulent credit accounts, file false tax returns, and conduct sophisticated social engineering attacks against the victims.

Hightower is a registered investment advisor managing over $130 billion in assets, making this breach particularly significant for the financial services sector. The company is offering credit monitoring services to affected individuals.

Affected Individuals: If you're a Hightower client, freeze your credit with all three bureaus (Equifax, Experian, TransUnion). Monitor financial accounts for unauthorized activity. Be vigilant for phishing attempts using your leaked personal data. Consider an IRS Identity Protection PIN.


๐Ÿค– OpenAI Launches Bug Bounty Program for AI Abuse & Safety Risks

In a notable expansion of its security program, OpenAI has launched a new bug bounty track specifically targeting AI abuse and safety risks. Unlike traditional bug bounties that focus on code-level vulnerabilities, this program rewards researchers for discovering design or implementation issues that lead to material harm.

What's In Scope

This represents a significant shift in how AI companies approach security. By creating financial incentives for red-teaming AI safety, OpenAI is acknowledging that traditional vulnerability disclosure models need to evolve alongside AI capabilities.

For Researchers: The program covers design and implementation issues leading to material harm. Reports should include clear reproduction steps and evidence of impact. This is separate from OpenAI's existing security bug bounty on HackerOne.


๐Ÿ“Š Threat Landscape Summary

Threat Category Severity Action Required
Smart Slider CVE-2026-3098 WordPress Vuln Medium* Update to 3.5.1.34
TP-Link Router Flaws Network Vuln High Update firmware
Cisco IOS Multi-Vuln Network Vuln High Apply IOS patches
BIND DNS Memory Leak DNS Vuln High Update BIND
Hightower Breach (130K) Data Breach High Credit freeze / monitor
OpenAI Safety Bounty Industry Info Awareness

*Smart Slider CVE rated medium due to authentication requirement, but real-world risk is high on sites with open registration.


๐Ÿ”‘ Key Takeaways

Is Your Infrastructure Patched?

KENSAI continuously monitors your WordPress plugins, network devices, and DNS infrastructure for known vulnerabilities โ€” alerting you before attackers strike.

Start Your Free Scan โ†’

Published by the KENSAI Threat Intelligence Team
March 29, 2026 โ€” Evening Edition
Sources: Wordfence, BleepingComputer, SecurityWeek, ISC, Cisco, TP-Link, OpenAI

Related Articles

VENON Rust Banking Malware Hits Brazil EU Parliament Votes to Simplify AI Act, Bans Nudifier Systems โ€” CRA Enforcement ุชู†ุจูŠู‡ุงุช VS Code ู…ุฒูŠูุฉ ุนู„ู‰ GitHub ุชู†ุดุฑ ุจุฑู…ุฌูŠุงุช ุฎุจูŠุซุฉุŒ ู…ุฌู…ูˆุนุฉ ู…ูˆุงู„ูŠุฉ ู„ุฅูŠุฑุงู† ุชุฎุชุฑู‚