CVE-2025-49897HIGH 8.8EPSS p30.3%

CVE-2025-49897CVE-2025-49897

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus Vertical scroll slideshow gallery v2 allows Blind SQL Injection. This issue affects Vertical scroll slideshow gallery v2: from n/a through 9.1.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS0.39% probability of exploitation · percentile 30.3% · 2026-06-19T12:03:05Z
Published2025-08-15
Last modified2026-04-28

Underlying weaknesses· 1

CWE-89

References

  1. https://patchstack.com/database/wordpress/plugin/vertical-scroll-slideshow-gallery-v2/vulnerability/wordpress-vertical-scroll-slideshow-gallery-v2-plugin-9-1-sql-injection-vulnerability?_s_id=cve

1

TypeTargetConfidenceTier
WeaknessImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')cwe-890%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-30979
CVE
CVE-2025-30969
CVE
CVE-2025-58881
CVE
CVE-2025-30947
CVE
CVE-2025-30589
CVE
CVE-2025-30590
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.