Vulnerabilities > Gopiplus > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-31 | CVE-2023-5435 | Unspecified vulnerability in Gopiplus UP Down Image Slideshow Gallery The Up down image slideshow gallery plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 6.5 |
| 2023-10-31 | CVE-2023-5436 | Unspecified vulnerability in Gopiplus Vertical Marquee Plugin The Vertical marquee plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 6.5 |
| 2023-10-31 | CVE-2023-5437 | Unspecified vulnerability in Gopiplus WP Fade in Text News The WP fade in text news plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 6.5 |
| 2023-10-31 | CVE-2023-5438 | Unspecified vulnerability in Gopiplus WP Image Slideshow The wp image slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 6.5 |
| 2023-10-31 | CVE-2023-5439 | Unspecified vulnerability in Gopiplus WP Photo Text Slider 50 The Wp photo text slider 50 plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 8.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 6.5 |
| 2023-10-31 | CVE-2023-5464 | Unspecified vulnerability in Gopiplus Jquery Accordion Slideshow The Jquery accordion slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 8.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 6.5 |
| 2023-10-25 | CVE-2023-45764 | Cross-site Scripting vulnerability in Gopiplus Scroll Post Excerpt Auth. | 4.8 |
| 2023-10-18 | CVE-2023-45051 | Cross-site Scripting vulnerability in Gopiplus Image Vertical Reel Scroll Slideshow Auth. | 4.8 |
| 2023-10-16 | CVE-2023-44229 | Cross-site Scripting vulnerability in Gopiplus Tiny Carosel Horizontal Slider Auth. | 4.8 |
| 2023-10-02 | CVE-2023-44228 | Cross-site Scripting vulnerability in Gopiplus Onclick Show Popup Auth. | 4.8 |