VYPR

Wp Tabber Widget

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-53468HigSep 22, 2025
    risk 0.55cvss 8.5epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus@hotmail.com Wp tabber widget wp-tabber-widget allows SQL Injection.This issue affects Wp tabber widget: from n/a through <= 4.0.

  • CVE-2025-10730MedOct 15, 2025
    risk 0.42cvss 6.5epss 0.00

    The Wp tabber widget plugin for WordPress is vulnerable to SQL Injection via the 'wp-tabber-widget' shortcode in all versions up to, and including, 4.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This…