Vendor CVEs
Gopiplus
All CVEs
36 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-4999 | Hig | 0.57 | 8.8 | 0.01 | Oct 20, 2023 | The Horizontal scrolling announcement plugin for WordPress is vulnerable to SQL Injection via the plugin's [horizontal-scrolling] shortcode in versions up to, and including, 9.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the… | ||
| CVE-2025-30979 | Hig | 0.55 | 8.5 | 0.00 | Jul 4, 2025 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus Pixelating image slideshow gallery pixelating-image-slideshow-gallery allows SQL Injection.This issue affects Pixelating image slideshow gallery: from n/a through <=… | ||
| CVE-2022-46818 | Hig | 0.53 | 8.2 | 0.01 | Nov 3, 2023 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Gopi Ramasamy Email posts to subscribers allows SQL Injection.This issue affects Email posts to subscribers: from n/a through 6.2. | ||
| CVE-2023-5466 | Hig | 0.50 | 8.8 | 0.01 | Nov 22, 2023 | The Wp anything slider plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it… | ||
| CVE-2023-5465 | Hig | 0.50 | 8.8 | 0.01 | Nov 22, 2023 | The Popup with fancybox plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 3.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it… | ||
| CVE-2023-5464 | Hig | 0.50 | 8.8 | 0.01 | Oct 31, 2023 | The Jquery accordion slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 8.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This… | ||
| CVE-2023-5439 | Hig | 0.50 | 8.8 | 0.01 | Oct 31, 2023 | The Wp photo text slider 50 plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 8.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes… | ||
| CVE-2023-5438 | Hig | 0.50 | 8.8 | 0.01 | Oct 31, 2023 | The wp image slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it… | ||
| CVE-2023-5437 | Hig | 0.50 | 8.8 | 0.01 | Oct 31, 2023 | The WP fade in text news plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it… | ||
| CVE-2023-5436 | Hig | 0.50 | 8.8 | 0.01 | Oct 31, 2023 | The Vertical marquee plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it… | ||
| CVE-2023-5435 | Hig | 0.50 | 8.8 | 0.01 | Oct 31, 2023 | The Up down image slideshow gallery plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.… | ||
| CVE-2023-5434 | Hig | 0.50 | 8.8 | 0.01 | Oct 31, 2023 | The Superb slideshow gallery plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 13.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes… | ||
| CVE-2023-5433 | Hig | 0.50 | 8.8 | 0.01 | Oct 31, 2023 | The Message ticker plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it… | ||
| CVE-2023-5431 | Hig | 0.50 | 8.8 | 0.01 | Oct 31, 2023 | The Left right image slideshow gallery plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.… | ||
| CVE-2023-5430 | Hig | 0.50 | 8.8 | 0.01 | Oct 31, 2023 | The Jquery news ticker plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 3.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it… | ||
| CVE-2023-5429 | Hig | 0.50 | 8.8 | 0.01 | Oct 31, 2023 | The Information Reel plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it… | ||
| CVE-2023-5428 | Hig | 0.50 | 8.8 | 0.01 | Oct 31, 2023 | The Image vertical reel scroll slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.… | ||
| CVE-2023-5412 | Hig | 0.50 | 8.8 | 0.01 | Oct 31, 2023 | The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 13.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL… | ||
| CVE-2025-39397 | Hig | 0.46 | 7.1 | 0.00 | Apr 24, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus@hotmail.com Anything Popup anything-popup allows Reflected XSS.This issue affects Anything Popup: from n/a through <= 7.3. | ||
| CVE-2025-30983 | Med | 0.42 | 6.5 | 0.00 | Jul 4, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Card flip image slideshow card-flip-image-slideshow allows DOM-Based XSS.This issue affects Card flip image slideshow: from n/a through <= 1.5. | ||
| CVE-2024-51914 | Med | 0.42 | 6.5 | 0.00 | Nov 19, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus drop in image slideshow gallery drop-in-image-slideshow-gallery allows DOM-Based XSS.This issue affects drop in image slideshow gallery: from n/a through <= 12.0. | ||
| CVE-2023-5001 | Med | 0.42 | 6.4 | 0.00 | Sep 16, 2023 | The Horizontal scrolling announcement plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'horizontal-scrolling' shortcode in versions up to, and including, 9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes… | ||
| CVE-2025-30533 | Med | 0.38 | 5.9 | 0.00 | Mar 24, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Message ticker message-ticker allows Stored XSS.This issue affects Message ticker: from n/a through <= 9.3. | ||
| CVE-2024-52492 | Med | 0.38 | 5.9 | 0.00 | Dec 2, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Image horizontal reel scroll slideshow image-horizontal-reel-scroll-slideshow allows Stored XSS.This issue affects Image horizontal reel scroll slideshow: from n/a… | ||
| CVE-2023-45051 | Med | 0.38 | 5.9 | 0.00 | Oct 18, 2023 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Image vertical reel scroll slideshow plugin <= 9.0 versions. | ||
| CVE-2023-44228 | Med | 0.38 | 5.9 | 0.00 | Oct 2, 2023 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Onclick show popup plugin <= 8.1 versions. | ||
| CVE-2023-41736 | Med | 0.38 | 5.9 | 0.00 | Oct 2, 2023 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Email posts to subscribers plugin <= 6.2 versions. | ||
| CVE-2023-40677 | Med | 0.38 | 5.9 | 0.00 | Sep 27, 2023 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Vertical marquee plugin <= 7.1 versions. | ||
| CVE-2023-24394 | Med | 0.38 | 5.9 | 0.00 | Aug 25, 2023 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy iframe popup plugin <= 3.3 versions. | ||
| CVE-2022-46819 | Med | 0.38 | 5.9 | 0.00 | May 10, 2023 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Continuous announcement scroller plugin <= 13.0 versions. | ||
| CVE-2023-5432 | Med | 0.35 | 6.4 | 0.00 | Dec 19, 2023 | The Jquery news ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'jquery-news-ticker' shortcode in versions up to, and including, 3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for… | ||
| CVE-2023-5413 | Med | 0.35 | 6.4 | 0.00 | Dec 19, 2023 | The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'ihrss-gallery' shortcode in versions up to, and including, 13.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it… | ||
| CVE-2023-47671 | Med | 0.35 | 5.4 | 0.00 | Nov 18, 2023 | Cross-Site Request Forgery (CSRF) vulnerability in Gopi Ramasamy Vertical scroll recent.This issue affects Vertical scroll recent post: from n/a through 14.0. | ||
| CVE-2024-32601 | Med | 0.34 | 5.3 | 0.00 | Apr 18, 2024 | Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Popup Anything.This issue affects Popup Anything: from n/a through 2.8. | ||
| CVE-2023-36523 | Med | 0.34 | 5.3 | 0.01 | Nov 30, 2023 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gopi Ramasamy Email download link.This issue affects Email download link: from n/a through 3.7. | ||
| CVE-2023-41735 | Med | 0.34 | 5.3 | 0.01 | Nov 30, 2023 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gopi Ramasamy Email posts to subscribers.This issue affects Email posts to subscribers: from n/a through 6.2. |
- risk 0.57cvss 8.8epss 0.01
The Horizontal scrolling announcement plugin for WordPress is vulnerable to SQL Injection via the plugin's [horizontal-scrolling] shortcode in versions up to, and including, 9.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the…
- risk 0.55cvss 8.5epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus Pixelating image slideshow gallery pixelating-image-slideshow-gallery allows SQL Injection.This issue affects Pixelating image slideshow gallery: from n/a through <=…
- risk 0.53cvss 8.2epss 0.01
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Gopi Ramasamy Email posts to subscribers allows SQL Injection.This issue affects Email posts to subscribers: from n/a through 6.2.
- risk 0.50cvss 8.8epss 0.01
The Wp anything slider plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…
- risk 0.50cvss 8.8epss 0.01
The Popup with fancybox plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 3.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…
- risk 0.50cvss 8.8epss 0.01
The Jquery accordion slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 8.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This…
- risk 0.50cvss 8.8epss 0.01
The Wp photo text slider 50 plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 8.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes…
- risk 0.50cvss 8.8epss 0.01
The wp image slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…
- risk 0.50cvss 8.8epss 0.01
The WP fade in text news plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…
- risk 0.50cvss 8.8epss 0.01
The Vertical marquee plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…
- risk 0.50cvss 8.8epss 0.01
The Up down image slideshow gallery plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.…
- risk 0.50cvss 8.8epss 0.01
The Superb slideshow gallery plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 13.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes…
- risk 0.50cvss 8.8epss 0.01
The Message ticker plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…
- risk 0.50cvss 8.8epss 0.01
The Left right image slideshow gallery plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.…
- risk 0.50cvss 8.8epss 0.01
The Jquery news ticker plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 3.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…
- risk 0.50cvss 8.8epss 0.01
The Information Reel plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…
- risk 0.50cvss 8.8epss 0.01
The Image vertical reel scroll slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.…
- risk 0.50cvss 8.8epss 0.01
The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 13.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL…
- risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus@hotmail.com Anything Popup anything-popup allows Reflected XSS.This issue affects Anything Popup: from n/a through <= 7.3.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Card flip image slideshow card-flip-image-slideshow allows DOM-Based XSS.This issue affects Card flip image slideshow: from n/a through <= 1.5.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus drop in image slideshow gallery drop-in-image-slideshow-gallery allows DOM-Based XSS.This issue affects drop in image slideshow gallery: from n/a through <= 12.0.
- risk 0.42cvss 6.4epss 0.00
The Horizontal scrolling announcement plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'horizontal-scrolling' shortcode in versions up to, and including, 9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes…
- risk 0.38cvss 5.9epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Message ticker message-ticker allows Stored XSS.This issue affects Message ticker: from n/a through <= 9.3.
- risk 0.38cvss 5.9epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Image horizontal reel scroll slideshow image-horizontal-reel-scroll-slideshow allows Stored XSS.This issue affects Image horizontal reel scroll slideshow: from n/a…
- risk 0.38cvss 5.9epss 0.00
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Image vertical reel scroll slideshow plugin <= 9.0 versions.
- risk 0.38cvss 5.9epss 0.00
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Onclick show popup plugin <= 8.1 versions.
- risk 0.38cvss 5.9epss 0.00
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Email posts to subscribers plugin <= 6.2 versions.
- risk 0.38cvss 5.9epss 0.00
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Vertical marquee plugin <= 7.1 versions.
- risk 0.38cvss 5.9epss 0.00
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy iframe popup plugin <= 3.3 versions.
- risk 0.38cvss 5.9epss 0.00
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Continuous announcement scroller plugin <= 13.0 versions.
- risk 0.35cvss 6.4epss 0.00
The Jquery news ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'jquery-news-ticker' shortcode in versions up to, and including, 3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for…
- risk 0.35cvss 6.4epss 0.00
The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'ihrss-gallery' shortcode in versions up to, and including, 13.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it…
- risk 0.35cvss 5.4epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Gopi Ramasamy Vertical scroll recent.This issue affects Vertical scroll recent post: from n/a through 14.0.
- risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Popup Anything.This issue affects Popup Anything: from n/a through 2.8.
- risk 0.34cvss 5.3epss 0.01
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gopi Ramasamy Email download link.This issue affects Email download link: from n/a through 3.7.
- risk 0.34cvss 5.3epss 0.01
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gopi Ramasamy Email posts to subscribers.This issue affects Email posts to subscribers: from n/a through 6.2.