911 matches found
CVE-2025-9199
The CVE-2025-9199 entry corresponds to a SQL Injection vulnerability in the WordPress plugin Woo superb slideshow transition gallery with random effect (versions up to 9.1). Red Hat, NVD, CVE lists describe exploitation via the woo-superb-slideshow shortcode caused by insufficient escaping of use...
CVE-2025-9199 Woo superb slideshow transition gallery with random effect <= 9.1 - Authenticated (Contributor+) SQL Injection
The Woo superb slideshow transition gallery with random effect plugin for WordPress is vulnerable to SQL Injection via the 'woo-superb-slideshow' shortcode in all versions up to, and including, 9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...
CVE-2025-9199 Woo superb slideshow transition gallery with random effect <= 9.1 - Authenticated (Contributor+) SQL Injection
The Woo superb slideshow transition gallery with random effect plugin for WordPress is vulnerable to SQL Injection via the 'woo-superb-slideshow' shortcode in all versions up to, and including, 9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...
WordPress plugin AP Background 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress AP Background plugin that stems from missing or incorrect random number validation in the...
WordPress plugin Woo superb slideshow transition gallery with random effect SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based...
CVE-2025-49897
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in gopiplus Vertical scroll slideshow gallery v2 allows Blind SQL Injection. This issue affects Vertical scroll slideshow gallery v2: from n/a through 9.1...
CVE-2025-49897
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in gopiplus Vertical scroll slideshow gallery v2 allows Blind SQL Injection. This issue affects Vertical scroll slideshow gallery v2: from n/a through 9.1...
CVE-2025-49897 WordPress Vertical scroll slideshow gallery v2 plugin <= 9.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in gopiplus Vertical scroll slideshow gallery v2 allows Blind SQL Injection. This issue affects Vertical scroll slideshow gallery v2: from n/a through 9.1...
CVE-2025-49897
CVE-2025-49897 affects the WordPress plugin Vertical scroll slideshow gallery v2 (versions
CVE-2025-49897 WordPress Vertical scroll slideshow gallery v2 plugin <= 9.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in gopiplus Vertical scroll slideshow gallery v2 allows Blind SQL Injection. This issue affects Vertical scroll slideshow gallery v2: from n/a through 9.1...
WordPress Vertical scroll slideshow gallery v2 plugin <= 9.1 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Peter Thaleikis Patchstack Alliance in WordPress Plugin Vertical scroll slideshow gallery v2 versions = 9.1...
WordPress plugin Vertical scroll slideshow gallery SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...
PT-2025-33491 · Unknown · Gopiplus Vertical Scroll Slideshow Gallery
Name of the Vulnerable Software and Affected Versions: gopiplus Vertical scroll slideshow gallery versions n/a through 9.1 Description: Improper neutralization of special elements used in an SQL command 'SQL Injection' allows for Blind SQL Injection. Recommendations: At the moment, there is no...
CVE-2025-5752
The Vertical scroll image slideshow gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘width’ parameter in all versions up to, and including, 11.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-5752 Vertical scroll image slideshow gallery <= 11.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via width Parameter
The Vertical scroll image slideshow gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘width’ parameter in all versions up to, and including, 11.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress plugin Vertical scroll image slideshow gallery cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
CVE-2025-30979
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in gopiplus Pixelating image slideshow gallery pixelating-image-slideshow-gallery allows SQL Injection.This issue affects Pixelating image slideshow gallery: from n/a through = 8.0...
CVE-2025-30983
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus Card flip image slideshow card-flip-image-slideshow allows DOM-Based XSS.This issue affects Card flip image slideshow: from n/a through = 1.5...
CVE-2025-30983
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus Card flip image slideshow card-flip-image-slideshow allows DOM-Based XSS.This issue affects Card flip image slideshow: from n/a through = 1.5...
CVE-2025-30979
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in gopiplus Pixelating image slideshow gallery pixelating-image-slideshow-gallery allows SQL Injection.This issue affects Pixelating image slideshow gallery: from n/a through = 8.0...