CVE-2015-3634

The SlideshowPluginSlideshowStylesheet::loadStylesheetByAJAX function in the Slideshow plugin 2.2.8 through 2.2.21 for WordPress allows remote attackers to read arbitrary WordPress option values.