CVE-2025-49897 WordPress Vertical scroll slideshow gallery v2 plugin <= 9.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in gopiplus Vertical scroll slideshow gallery v2 allows Blind SQL Injection. This issue affects Vertical scroll slideshow gallery v2: from n/a through 9.1...

CVE-2025-49897

CVE-2025-49897 affects the WordPress plugin Vertical scroll slideshow gallery v2 (versions

PT-2025-33491 · Unknown · Gopiplus Vertical Scroll Slideshow Gallery

Name of the Vulnerable Software and Affected Versions: gopiplus Vertical scroll slideshow gallery versions n/a through 9.1 Description: Improper neutralization of special elements used in an SQL command 'SQL Injection' allows for Blind SQL Injection. Recommendations: At the moment, there is no...

CVE-2023-5428

The Image vertical reel scroll slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

WordPress Horizontal scroll image slideshow plugin <= 10.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin Horizontal scroll image slideshow versions = 10.1...

WordPress plugin Horizontal scroll image slideshow 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...

CVE-2024-52492

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus Image horizontal reel scroll slideshow image-horizontal-reel-scroll-slideshow allows Stored XSS.This issue affects Image horizontal reel scroll slideshow: from n/a through = 13.4...

CVE-2024-52492

CVE-2024-52492 details a Stored Cross-Site Scripting (XSS) flaw in the WordPress plugin Image horizontal reel scroll slideshow (versions

WordPress Image horizontal reel scroll slideshow Plugin <= 13.4 is vulnerable to Cross Site Scripting (XSS)

Software Image horizontal reel scroll slideshow Type Plugin Vulnerable versions = 13.4 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Cross Site Scripting XSS CVE CVE-2024-52492 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID f3bd39fc0f00 Credits UKO Required...

WordPress Image horizontal reel scroll slideshow Plugin <= 13.3 is vulnerable to Cross Site Scripting (XSS)

Software Image horizontal reel scroll slideshow Type Plugin Vulnerable versions = 13.3 Fixed in 13.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5413 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f4bff9d695d5 Credits...

Image horizontal reel scroll slideshow < 13.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Description The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'ihrss-gallery' shortcode in versions up to, and including, 13.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

WordPress Image horizontal reel scroll slideshow Plugin <= 13.2 is vulnerable to SQL Injection

Software Image horizontal reel scroll slideshow Type Plugin Vulnerable versions = 13.2 Fixed in 13.3 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-5412 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 4f2c4949819b Credits István Márton Required...

WordPress Image vertical reel scroll slideshow Plugin <= 9.0 is vulnerable to SQL Injection

Software Image vertical reel scroll slideshow Type Plugin Vulnerable versions = 9.0 Fixed in 9.1 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-5428 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 370354776dcc Credits István Márton Required privilege...

CVE-2023-45051

CVE-2023-45051 is an Auth. (admin+) Stored XSS in the WordPress plugin “Image vertical reel scroll slideshow.” The vulnerability affects the plugin’s image slideshow function and is caused by insufficient escaping/validation of inputs, permitting stored XSS when an admin with unfiltered HTML cont...

CVE-2023-45051 WordPress Image vertical reel scroll slideshow Plugin <= 9.0 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy Image vertical reel scroll slideshow plugin = 9.0 versions...