VYPR
Vendor

Gopiplus

Products
23
CVEs
37
Across products
37
Status
Private

Products

23

Recent CVEs

37
View all 37 CVEs →
  • CVE-2023-4999HigOct 20, 2023
    risk 0.57cvss 8.8epss 0.01

    The Horizontal scrolling announcement plugin for WordPress is vulnerable to SQL Injection via the plugin's [horizontal-scrolling] shortcode in versions up to, and including, 9.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the…

  • CVE-2025-30979HigJul 4, 2025
    risk 0.55cvss 8.5epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus Pixelating image slideshow gallery pixelating-image-slideshow-gallery allows SQL Injection.This issue affects Pixelating image slideshow gallery: from n/a through <=…

  • CVE-2022-46818HigNov 3, 2023
    risk 0.53cvss 8.2epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Gopi Ramasamy Email posts to subscribers allows SQL Injection.This issue affects Email posts to subscribers: from n/a through 6.2.

  • CVE-2023-5466HigNov 22, 2023
    risk 0.50cvss 8.8epss 0.01

    The Wp anything slider plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…

  • CVE-2023-5465HigNov 22, 2023
    risk 0.50cvss 8.8epss 0.01

    The Popup with fancybox plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 3.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…

  • CVE-2023-5464HigOct 31, 2023
    risk 0.50cvss 8.8epss 0.01

    The Jquery accordion slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 8.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This…

  • CVE-2023-5439HigOct 31, 2023
    risk 0.50cvss 8.8epss 0.01

    The Wp photo text slider 50 plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 8.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes…

  • CVE-2023-5438HigOct 31, 2023
    risk 0.50cvss 8.8epss 0.01

    The wp image slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…

  • CVE-2023-5437HigOct 31, 2023
    risk 0.50cvss 8.8epss 0.01

    The WP fade in text news plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…

  • CVE-2023-5436HigOct 31, 2023
    risk 0.50cvss 8.8epss 0.01

    The Vertical marquee plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…

  • CVE-2023-5435HigOct 31, 2023
    risk 0.50cvss 8.8epss 0.01

    The Up down image slideshow gallery plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.…

  • CVE-2023-5434HigOct 31, 2023
    risk 0.50cvss 8.8epss 0.01

    The Superb slideshow gallery plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 13.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes…

  • CVE-2023-5433HigOct 31, 2023
    risk 0.50cvss 8.8epss 0.01

    The Message ticker plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…

  • CVE-2023-5431HigOct 31, 2023
    risk 0.50cvss 8.8epss 0.01

    The Left right image slideshow gallery plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.…

  • CVE-2023-5430HigOct 31, 2023
    risk 0.50cvss 8.8epss 0.01

    The Jquery news ticker plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 3.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…

  • CVE-2023-5429HigOct 31, 2023
    risk 0.50cvss 8.8epss 0.01

    The Information Reel plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…

  • CVE-2023-5428HigOct 31, 2023
    risk 0.50cvss 8.8epss 0.01

    The Image vertical reel scroll slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.…

  • CVE-2023-5412HigOct 31, 2023
    risk 0.50cvss 8.8epss 0.01

    The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 13.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL…

  • CVE-2025-39397HigApr 24, 2025
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus@hotmail.com Anything Popup anything-popup allows Reflected XSS.This issue affects Anything Popup: from n/a through <= 7.3.

  • CVE-2025-30983MedJul 4, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Card flip image slideshow card-flip-image-slideshow allows DOM-Based XSS.This issue affects Card flip image slideshow: from n/a through <= 1.5.