[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fS17w9qF-KPpumpElLJ-uDOIpIkk417CHx76bIBJAkaI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":45,"crawl_stats":36,"alternatives":52,"analysis":148,"fingerprints":295},"vertical-scroll-slideshow-gallery-v2","Vertical scroll slideshow gallery v2","9.1","gopiplus","https:\u002F\u002Fprofiles.wordpress.org\u002Fgopiplus\u002F","\u003Cp>Check official website for live demo \u003Ca href=\"http:\u002F\u002Fwww.gopiplus.com\u002Fwork\u002F2010\u002F07\u002F18\u002Fvertical-scroll-slideshow-gallery-v2\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.gopiplus.com\u002Fwork\u002F2010\u002F07\u002F18\u002Fvertical-scroll-slideshow-gallery-v2\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Live Demo \u003Ca href=\"http:\u002F\u002Fwww.gopiplus.com\u002Fwork\u002F2010\u002F07\u002F18\u002Fvertical-scroll-slideshow-gallery-v2\u002F\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa>     \u003C\u002Fli>\n\u003Cli>More Information \u003Ca href=\"http:\u002F\u002Fwww.gopiplus.com\u002Fwork\u002F2010\u002F07\u002F18\u002Fvertical-scroll-slideshow-gallery-v2\u002F\" rel=\"nofollow ugc\">More Information\u003C\u002Fa>               \u003C\u002Fli>\n\u003Cli>User Comments \u003Ca href=\"http:\u002F\u002Fwww.gopiplus.com\u002Fwork\u002F2010\u002F07\u002F18\u002Fvertical-scroll-slideshow-gallery-v2\u002F\" rel=\"nofollow ugc\">User Comments\u003C\u002Fa>     \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Vertical scroll slideshow gallery plugin will create the vertical scrolling image slideshow gallery on the wordpress widget. Image will scroll one by one on the gallery.\u003C\u002Fp>\n\u003Ch4>Features of this plugin\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Simple\u003C\u002Fli>\n\u003Cli>Easy installation.  \u003C\u002Fli>\n\u003Cli>Widgets, so you can add pretty much anything.  \u003C\u002Fli>\n\u003Cli>Easy slideshow size (width & height) override option.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Translators\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English (en_EN) – \u003Ca href=\"http:\u002F\u002Fwww.gopiplus.com\u002F\" rel=\"nofollow ugc\">Gopi Ramasamy\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Polish (pl_PL) – \u003Ca href=\"https:\u002F\u002Fwww.couponmachine.in\u002F\" rel=\"nofollow ugc\">Abdul Sattar\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Vertical scroll slideshow gallery plugin will create the vertical scrolling image slideshow gallery on the wordpress widget.",20,15345,0,"2022-12-01T17:14:00.000Z","6.1.10","3.4","",[19,20,21,22,23],"gallery","images","scroll","slideshow","vertical","http:\u002F\u002Fwww.gopiplus.com\u002Fwork\u002F2010\u002F07\u002F18\u002Fvertical-scroll-slideshow-gallery-v2\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvertical-scroll-slideshow-gallery-v2.zip",63,1,"2025-08-15 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":36,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":36},"CVE-2025-49897","vertical-scroll-slideshow-gallery-v2-authenticated-contributor-sql-injection","Vertical scroll slideshow gallery v2 \u003C= 9.1 - Authenticated (Contributor+) SQL Injection","The Vertical scroll slideshow gallery v2 plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",null,"\u003C=9.1","medium",6.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2025-08-18 18:08:55",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb81c8bca-ba80-4beb-aa51-6505c76a424e?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":46,"total_installs":47,"avg_security_score":48,"avg_patch_time_days":49,"trust_score":50,"computed_at":51},52,19110,83,70,76,"2026-04-05T14:45:38.163Z",[53,74,95,117,133],{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":63,"num_ratings":64,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":17,"tags":68,"homepage":71,"download_link":72,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":73,"fetched_at":29},"gpp-slideshow","GPP Slideshow","1.3.5","Thad Allender","https:\u002F\u002Fprofiles.wordpress.org\u002Fendortrails\u002F","\u003Cp>The GPP Slideshow plugin for WordPress allows you to create minimalist image slideshows using the new Gallery post type or using WordPress’ built in [gallery] shortcode on Posts and Pages.  The plugin comes with a  Widget for easily inserting a specific gallery into any widgetized are on your theme.  This plugin requires WordPress 3.1 and works best with \u003Ca href=\"http:\u002F\u002Fgraphpaperpress.com\u002Fthemes\u002F\" rel=\"nofollow ugc\">a Graph Paper Press theme\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fdemo.graphpaperpress.com\u002Fgpp-slideshow\u002F\" rel=\"nofollow ugc\">Live demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fgraphpaperpress.com\u002Fplugins\u002Fgpp-slideshow\u002F\" rel=\"nofollow ugc\">Release info\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fgraphpaperpress.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003C\u002Fp>\n","A minimalist slideshow plugin that creates a new gallery post type. Add slideshows to widgets, posts, pages and gallery posts.",200,69652,50,2,"2014-01-07T08:13:00.000Z","3.7.41","3.5",[19,20,69,70,22],"photos","portfolio","http:\u002F\u002Fgraphpaperpress.com\u002Fplugins\u002Fgpp-slideshow\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgpp-slideshow.1.3.5.zip","2025-06-05 00:00:00",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":84,"num_ratings":85,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":17,"tags":89,"homepage":92,"download_link":93,"security_score":94,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"wp-bootstrap-carousel","WP Bootstrap Carousel","0.5.0","Peter J. Herrel","https:\u002F\u002Fprofiles.wordpress.org\u002Fdonutz\u002F","\u003Cp>This plugin allows you to display images attached to a post or page as a Bootstrap Carousel using the [carousel] shortcode.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fpeterherrel.com\u002Fwordpress\u002Fplugins\u002Fwp-bootstrap-carousel\u002Fdemo\u002F\" rel=\"nofollow ugc\">Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>As a bonus, this plugin can transform post listings generated by the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisplay-posts-shortcode\u002F\" rel=\"ugc\">Display Posts Shortcode\u003C\u002Fa> plugin (version 2.2.1 or higher) into a Bootstrap Carousel slideshow.\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fgetbootstrap.com\u002F\" rel=\"nofollow ugc\">Twitter Bootstrap\u003C\u002Fa> was designed and built by @mdo and @fat.\u003C\u002Fp>\n","A simple, straightforward implementation of the Twitter Bootstrap Carousel in WordPress.",100,21581,88,8,"2015-05-09T14:55:00.000Z","4.2.39","3.6",[90,91,19,20,22],"bootstrap","carousel","http:\u002F\u002Fpeterherrel.com\u002Fwordpress\u002Fplugins\u002Fwp-bootstrap-carousel","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-bootstrap-carousel.0.5.0.zip",85,{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":103,"downloaded":104,"rating":105,"num_ratings":106,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":17,"tags":110,"homepage":113,"download_link":114,"security_score":115,"vuln_count":27,"unpatched_count":13,"last_vuln_date":116,"fetched_at":29},"simple-slider","Simple Slider","1.2.4","ChrisHurst","https:\u002F\u002Fprofiles.wordpress.org\u002Fchrishurst\u002F","\u003Cp>Simple Slider Plugin for WordPress allows creation and management of simple image slideshows\u003C\u002Fp>\n\u003Cp>Developer Website: http:\u002F\u002FMyWebsiteAdvisor.com\u002F\u003C\u002Fp>\n\u003Cp>Plugin Page: http:\u002F\u002FMyWebsiteAdvisor.com\u002Ftools\u002Fwordpress-plugins\u002Fsimple-slider\u002F\u003C\u002Fp>\n\u003Cp>Video Tutorial: http:\u002F\u002Fmywebsiteadvisor.com\u002Flearning\u002Fvideo-tutorials\u002Fsimple-slider-tutorial\u002F\u003C\u002Fp>\n\u003Cp>We are looking for testimonials and live examples of our plugins on your website!\u003Cbr \u002F>\nPlease submit your website or testimonial here: http:\u002F\u002FMyWebsiteAdvisor.com\u002Ftestimonials\u002F\u003Cbr \u002F>\nIf we choose your testimonial or website we can link to your site and generate some free traffic for you!\u003C\u002Fp>\n\u003Cp>Requirements:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>PHP 5\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>To-do:\u003C\u002Fp>\n","Create and Manage simple slideshows using images in WordPress media system",80,13948,60,6,"2013-07-13T18:15:00.000Z","3.5.2","3.0",[19,111,20,112,22],"image","slider","http:\u002F\u002FMyWebsiteAdvisor.com\u002Ftools\u002Fwordpress-plugins\u002Fsimple-slider\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-slider.1.2.4.zip",84,"2021-11-22 00:00:00",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":105,"downloaded":125,"rating":11,"num_ratings":27,"last_updated":126,"tested_up_to":127,"requires_at_least":128,"requires_php":17,"tags":129,"homepage":131,"download_link":132,"security_score":94,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"coin-slider-4-wp","Coin Slider 4 WordPress","1.0","KopiPejst","https:\u002F\u002Fprofiles.wordpress.org\u002Fkopipejst\u002F","\u003Cp>\u003Ca href=\"http:\u002F\u002Fworkshop.rs\u002Fprojects\u002Fcoin-slider\u002F\" rel=\"nofollow ugc\">Coin Slider\u003C\u002Fa> 4 WP is WordPress plugin for creating image gallery with unique transition effects of featured posts. You can choose between three types of transition effects: random, swirl and rain. Also, you can set width, height, delay time, number of posts etc.\u003C\u002Fp>\n\u003Cp>You can find more informations about this plugin on \u003Ca href=\"http:\u002F\u002Fworkshop.rs\u002F\" rel=\"nofollow ugc\">www.workshop.rs\u003C\u002Fa>\u003C\u002Fp>\n","Coin Slider 4 WP is Wordpress plugin for creating image gallery with unique transition effects of featured posts. You can choose between three types o &hellip;",50180,"2010-05-03T22:27:00.000Z","2.8","2.3",[130,19,20,22],"featured","http:\u002F\u002Fworkshop.rs\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcoin-slider-4-wp.zip",{"slug":134,"name":135,"version":136,"author":137,"author_profile":138,"description":139,"short_description":140,"active_installs":105,"downloaded":141,"rating":82,"num_ratings":142,"last_updated":143,"tested_up_to":87,"requires_at_least":109,"requires_php":17,"tags":144,"homepage":146,"download_link":147,"security_score":94,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"wpjaipho","WPJaipho Mobile Gallery","1.5.0","Tihomir Dmitrović","https:\u002F\u002Fprofiles.wordpress.org\u002Ftolecar\u002F","\u003Cp>WPJaipho is plugin which adds mobile optimized look & feel to your WP based galleries.\u003Cbr \u002F>\nIt is based on the original \u003Ca href=\"http:\u002F\u002Fjaipho.com\u002F\" rel=\"nofollow ugc\">Jaipho\u003C\u002Fa>, iPhone optimized Javascript gallery and it works on iPhone, iPad and Android devices.\u003C\u002Fp>\n\u003Ch4>Supported WP galleries\u003C\u002Fh4>\n\u003Cp>WP Jaipho works with: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fnextgen-gallery\u002F\" rel=\"ugc\">NextGEN 1.x\u003C\u002Fa> Gallery and Default WP Gallery (via Media Library). It also works flawlessly with some mobile theme plugins such as \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwptouch\u002F\" rel=\"ugc\">WPTouch\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwordpress-mobile-pack\u002F\" rel=\"ugc\">WordPress Mobile Pack\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>How Does it Work?\u003C\u002Fh4>\n\u003Cp>Simple enough – just activate the plugin, and all your galleries are automatically transformed into mobile optimized gallery, which is visible for mobile users only. Check out demo \u003Ca href=\"http:\u002F\u002Fwww.viberfaq.com\u002Fviber-android-beta-version-review\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa> with your iPhone.\u003C\u002Fp>\n\u003Ch4>Demo\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WPJaipho installation on \u003Ca href=\"http:\u002F\u002Fwww.viberfaq.com\u002Fviber-android-beta-version-review\u002F\" rel=\"nofollow ugc\">The Viber FAQ\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","WPJaipho extends native Wordpress image gallery, NextGEN 1.x and NextCellent Gallery with optimized support for mobile users",12787,3,"2015-05-25T20:28:00.000Z",[19,20,145,69,22],"media","http:\u002F\u002Fwww.jaipho.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpjaipho.1.5.0.zip",{"attackSurface":149,"codeSignals":177,"taintFlows":259,"riskAssessment":286,"analyzedAt":294},{"hooks":150,"ajaxHandlers":169,"restRoutes":170,"shortcodes":171,"cronEvents":176,"entryPointCount":27,"unprotectedCount":13},[151,157,161,165],{"type":152,"name":153,"callback":154,"file":155,"line":156},"action","admin_menu","vssg2_add_to_menu","vertical-scroll-slideshow-gallery-v2.php",367,{"type":152,"name":158,"callback":159,"file":155,"line":160},"plugins_loaded","vssg2_textdomain",368,{"type":152,"name":162,"callback":163,"file":155,"line":164},"widgets_init","vssg2_widget_loading",371,{"type":152,"name":166,"callback":167,"file":155,"line":168},"admin_enqueue_scripts","vssg2_adminscripts",372,[],[],[172],{"tag":173,"callback":174,"file":155,"line":175},"vertical-scroll-slideshow-gallery","vssg2_shortcode",25,[],{"dangerousFunctions":178,"sqlUsage":179,"outputEscaping":184,"fileOperations":13,"externalRequests":13,"nonceChecks":142,"capabilityChecks":13,"bundledLibraries":258},[],{"prepared":11,"raw":27,"locations":180},[181],{"file":182,"line":85,"context":183},"uninstall.php","$wpdb->query() with variable interpolation",{"escaped":185,"rawEcho":186,"locations":187},24,38,[188,192,194,197,199,201,203,205,207,210,211,213,215,217,219,221,223,225,227,229,231,233,234,235,237,239,240,241,243,245,246,247,249,251,252,253,255,257],{"file":189,"line":190,"context":191},"pages\\image-management-add.php",86,"raw output",{"file":189,"line":193,"context":191},94,{"file":195,"line":196,"context":191},"pages\\image-management-edit.php",112,{"file":195,"line":198,"context":191},120,{"file":195,"line":200,"context":191},160,{"file":195,"line":202,"context":191},164,{"file":195,"line":204,"context":191},175,{"file":195,"line":206,"context":191},197,{"file":208,"line":209,"context":191},"pages\\image-management-show.php",47,{"file":208,"line":193,"context":191},{"file":208,"line":212,"context":191},95,{"file":208,"line":214,"context":191},99,{"file":208,"line":216,"context":191},102,{"file":208,"line":218,"context":191},104,{"file":155,"line":220,"context":191},184,{"file":155,"line":222,"context":191},207,{"file":155,"line":224,"context":191},211,{"file":155,"line":226,"context":191},220,{"file":155,"line":228,"context":191},222,{"file":155,"line":230,"context":191},253,{"file":155,"line":232,"context":191},254,{"file":155,"line":232,"context":191},{"file":155,"line":232,"context":191},{"file":155,"line":236,"context":191},257,{"file":155,"line":238,"context":191},258,{"file":155,"line":238,"context":191},{"file":155,"line":238,"context":191},{"file":155,"line":242,"context":191},261,{"file":155,"line":244,"context":191},262,{"file":155,"line":244,"context":191},{"file":155,"line":244,"context":191},{"file":155,"line":248,"context":191},265,{"file":155,"line":250,"context":191},266,{"file":155,"line":250,"context":191},{"file":155,"line":250,"context":191},{"file":155,"line":254,"context":191},269,{"file":155,"line":256,"context":191},270,{"file":155,"line":256,"context":191},[],[260],{"entryPoint":261,"graph":262,"unsanitizedCount":13,"severity":285},"\u003Cimage-management-show> (pages\\image-management-show.php:0)",{"nodes":263,"edges":281},[264,268,274,276],{"id":265,"type":266,"label":267,"file":208,"line":106},"n0","source","$_GET",{"id":269,"type":270,"label":271,"file":208,"line":272,"wp_function":273},"n1","sink","query() [SQLi]",37,"query",{"id":275,"type":266,"label":267,"file":208,"line":106},"n2",{"id":277,"type":270,"label":278,"file":208,"line":279,"wp_function":280},"n3","get_results() [SQLi]",58,"get_results",[282,284],{"from":265,"to":269,"sanitized":283},true,{"from":275,"to":277,"sanitized":283},"low",{"summary":287,"deductions":288},"The plugin 'vertical-scroll-slideshow-gallery-v2' v9.1 exhibits a mixed security posture.  On the positive side, it demonstrates good practices with a high percentage of SQL queries using prepared statements and a limited attack surface with only one shortcode entry point.  The absence of file operations and external HTTP requests further mitigates certain attack vectors.  However, concerns arise from the low percentage of properly escaped output (39%), which can leave the application vulnerable to cross-site scripting (XSS) attacks.  The presence of one unpatched medium severity CVE related to SQL injection, despite the general use of prepared statements, is a significant concern and indicates a historical weakness in sanitizing inputs for SQL queries. This suggests that while the developers may be using prepared statements for most queries, there's a specific instance or type of input that still allows for injection, and this has not been addressed.\n\nOverall, while the plugin has strengths in its limited attack surface and proper SQL handling in most cases, the persistent SQL injection vulnerability and the high rate of unescaped output represent significant risks. The vulnerability history, particularly the single medium CVE which remains unpatched, suggests a potential lack of rigorous security testing or a delay in addressing reported issues.  Users should be cautious due to the unpatched SQL injection vulnerability and the potential for XSS due to insufficient output escaping.",[289,292],{"reason":290,"points":291},"Unpatched medium severity CVE",15,{"reason":293,"points":106},"Low percentage of properly escaped output","2026-03-16T22:54:03.613Z",{"wat":296,"direct":305},{"assetPaths":297,"generatorPatterns":300,"scriptPaths":301,"versionParams":302},[298,299],"\u002Fwp-content\u002Fplugins\u002Fvertical-scroll-slideshow-gallery-v2\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fvertical-scroll-slideshow-gallery-v2\u002Fscript.js",[],[299],[303,304],"vertical-scroll-slideshow-gallery-v2\u002Fstyle.css?ver=","vertical-scroll-slideshow-gallery-v2\u002Fscript.js?ver=",{"cssClasses":306,"htmlComments":308,"htmlAttributes":310,"restEndpoints":317,"jsGlobals":318,"shortcodeOutput":325},[307],"hsas-widget",[309],"\u003C!-- Vertical scroll slideshow gallery v2 -->",[311,312,313,314,315,316],"id=\"vs2_main\"","id=\"vs2_first\"","id=\"vs2_second\"","id=\"vs2_main2\"","id=\"vs2_first2\"","id=\"vs2_second2\"",[],[319,320,321,322,323,324],"vs2_slideimages","vs2_scrollerwidth","vs2_scrollerheight","vs2_pausebetweenimages","ie","dom",[326,327],"[vertical-scroll-slideshow-gallery group=","No records found, please check your short code"]