WordPress Vertical scroll slideshow gallery v2 plugin

8.5 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus Vertical scroll slideshow gallery v2 allows Blind SQL Injection. This issue affects Vertical scroll slideshow gallery v2: from n/a through 9.1.

Basic Information

ID CVE-2025-49897

Source Patchstack

Published Aug 15, 2025 at 15:13

Affected Product

Vendor gopiplus

Product Vertical scroll slideshow gallery v2

Version n/a

Affected Versions gopiplus Vertical scroll slideshow gallery v2 n/a

CWE Classification

CWE-89

References

patchstack.com /database/wordpress/plugin/vertical-scroll-slideshow-gallery-v2/vulnerability/wordpress-vertical-scroll-slideshow-gallery-v2-plugin-9-1-sql-injection-vulnerability

{
    "lastseen": "",
    "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus Vertical scroll slideshow gallery v2 allows Blind SQL Injection. This issue affects Vertical scroll slideshow gallery v2: from n/a through 9.1.",
    "published": "2025-08-15T15:13:13.206Z",
    "modified": "2025-08-15T15:13:13.206Z",
    "type": "cve",
    "title": "WordPress Vertical scroll slideshow gallery v2 plugin <= 9.1 - SQL Injection vulnerability",
    "source": "Patchstack",
    "references": "https://patchstack.com/database/wordpress/plugin/vertical-scroll-slideshow-gallery-v2/vulnerability/wordpress-vertical-scroll-slideshow-gallery-v2-plugin-9-1-sql-injection-vulnerability?_s_id=cve",
    "id": "CVE-2025-49897",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89"
    ],
    "cvelist": null,
    "sourceData": "gopiplus Vertical scroll slideshow gallery v2 n/a",
    "sourceHref": "",
    "cvss": {
        "score": 8.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Vertical scroll slideshow gallery v2",
    "version": "n/a",
    "vendor": "gopiplus",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

WordPress Vertical scroll slideshow gallery v2 plugin <= 9.1 - SQL Injection vulnerability_CVE-2025-49897