Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

gopiplus — Vulnerabilities & Security Advisories 29

Browse all 29 CVE security advisories affecting gopiplus. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Gopiplus operates as a provider of digital signage and content management solutions, primarily serving retail and enterprise environments with networked display systems. Security audits have identified twenty-nine Common Vulnerabilities and Exposures (CVEs) associated with its software ecosystem, indicating a history of significant technical debt. The most prevalent vulnerability classes include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and improper access control mechanisms that facilitate privilege escalation. These flaws often stem from inadequate input validation and weak authentication protocols within the web-based administration interfaces. Notable incidents involve attackers exploiting unpatched RCE vulnerabilities to gain unauthorized shell access, leading to potential data exfiltration and system compromise. The recurring nature of these issues suggests a need for rigorous code review and continuous security monitoring. Organizations relying on gopiplus infrastructure must prioritize immediate patching and network segmentation to mitigate the risk of widespread exploitation across their digital signage networks.

Top products by gopiplus: Image horizontal reel scroll slideshow Wp photo text slider 50 Horizontal scrolling announcement Message ticker Woo superb slideshow transition gallery with random effect New Simple Gallery Vertical scroll slideshow gallery v2 Vertical scroll image slideshow gallery Owl carousel responsive Pixelating image slideshow gallery Cool fade popup iFrame Images Gallery Card flip image slideshow Horizontal scroll image slideshow drop in image slideshow gallery Twitter real time search scrolling Horizontal scrolling announcements Image vertical reel scroll slideshow Information Reel Left right image slideshow gallery Superb slideshow gallery Up down image slideshow gallery WP fade in text news wp image slideshow
CVE IDTitleCVSSSeverityPublished
CVE-2025-9199 Woo superb slideshow transition gallery with random effect <= 9.1 - Authenticated (Contributor+) SQL Injection — Woo superb slideshow transition gallery with random effectCWE-89 6.5 Medium2025-10-03
CVE-2025-58881 WordPress New Simple Gallery Plugin <= 8.0 - SQL Injection Vulnerability — New Simple GalleryCWE-89 8.5 High2025-09-05
CVE-2025-49897 WordPress Vertical scroll slideshow gallery v2 plugin <= 9.1 - SQL Injection vulnerability — Vertical scroll slideshow gallery v2CWE-89 8.8 High2025-08-15
CVE-2025-5752 Vertical scroll image slideshow gallery <= 11.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via width Parameter — Vertical scroll image slideshow galleryCWE-79 6.4 Medium2025-07-18
CVE-2025-30983 WordPress Card flip image slideshow plugin <= 1.5 - Cross Site Scripting (XSS) Vulnerability — Card flip image slideshowCWE-79 6.5 Medium2025-07-04
CVE-2025-30979 WordPress Pixelating image slideshow gallery plugin <= 8.0 - SQL Injection Vulnerability — Pixelating image slideshow galleryCWE-89 8.5 High2025-07-04
CVE-2025-30969 WordPress iFrame Images Gallery plugin <= 9.0 - SQL Injection Vulnerability — iFrame Images GalleryCWE-89 8.5 High2025-07-04
CVE-2025-30947 WordPress Cool fade popup plugin <= 10.1 - SQL Injection Vulnerability — Cool fade popupCWE-89 8.5 High2025-07-04
CVE-2025-5590 Owl carousel responsive <= 1.9 - Authenticated (Contributor+) SQL Injection via id Parameter — Owl carousel responsiveCWE-89 8.8 High2025-06-26
CVE-2025-30533 WordPress Message ticker plugin <= 9.3 - Cross Site Scripting (XSS) Vulnerability — Message tickerCWE-79 5.9 Medium2025-03-24
CVE-2024-11884 Wp photo text slider 50 <= 8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Wp photo text slider 50CWE-79 6.4 Medium2024-12-14
CVE-2024-11442 Horizontal scroll image slideshow <= 10.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Horizontal scroll image slideshowCWE-79 6.4 Medium2024-12-12
CVE-2024-52492 WordPress Image horizontal reel scroll slideshow plugin <= 13.4 - Stored Cross Site Scripting (XSS) vulnerability — Image horizontal reel scroll slideshowCWE-79 5.9 Medium2024-12-02
CVE-2024-51914 WordPress drop in image slideshow gallery plugin <= 12.0 - Cross Site Scripting (XSS) vulnerability — drop in image slideshow galleryCWE-79 6.5 Medium2024-11-19
CVE-2024-51716 WordPress Twitter real time search scrolling plugin <= 7.0 - Reflected Cross Site Scripting (XSS) vulnerability — Twitter real time search scrollingCWE-79 7.1 High2024-11-09
CVE-2023-5000 Horizontal scrolling announcements <= 2.4 - Authenticated (Contributor+) SQL Injection via Shortcode — Horizontal scrolling announcementsCWE-89 8.8 High2024-08-06
CVE-2023-5413 Image horizontal reel scroll slideshow <= 13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Image horizontal reel scroll slideshowCWE-79 6.4 Medium2023-12-19
CVE-2023-5433 Message ticker <= 9.2 - Authenticated (Subscriber+) SQL Injection via Shortcode — Message tickerCWE-89 8.8 High2023-10-31
CVE-2023-5437 WP fade in text news <= 12.0 - Authenticated (Subscriber+) SQL Injection via Shortcode — WP fade in text newsCWE-89 8.8 High2023-10-31
CVE-2023-5431 Left right image slideshow gallery <= 12.0 - Authenticated (Subscriber+) SQL Injection via Shortcode — Left right image slideshow galleryCWE-89 8.8 High2023-10-31
CVE-2023-5438 wp image slideshow <= 12.0 - Authenticated (Subscriber+) SQL Injection via Shortcode — wp image slideshowCWE-89 8.8 High2023-10-31
CVE-2023-5429 Information Reel <= 10.0 - Authenticated (Subscriber+) SQL Injection via Shortcode — Information ReelCWE-89 8.8 High2023-10-31
CVE-2023-5439 Wp photo text slider 50 <= 8.0 - Authenticated (Subscriber+) SQL Injection via Shortcode — Wp photo text slider 50CWE-89 8.8 High2023-10-31
CVE-2023-5434 Superb slideshow gallery <= 13.1 - Authenticated (Subscriber+) SQL Injection via Shortcode — Superb slideshow galleryCWE-89 8.8 High2023-10-31
CVE-2023-5412 Image horizontal reel scroll slideshow <= 13.2 - Authenticated (Subscriber+) SQL Injection via Shortcode — Image horizontal reel scroll slideshowCWE-89 8.8 High2023-10-31
CVE-2023-5435 Up down image slideshow gallery <= 12.0 - Authenticated (Subscriber+) SQL Injection via Shortcode — Up down image slideshow galleryCWE-89 8.8 High2023-10-31
CVE-2023-5428 Image vertical reel scroll slideshow <= 9.0 - Authenticated (Subscriber+) SQL Injection via Shortcode — Image vertical reel scroll slideshowCWE-89 8.8 High2023-10-31
CVE-2023-4999 Horizontal scrolling announcement <= 9.2 - Authenticated (Subscriber+) SQL Injection via Shortcode — Horizontal scrolling announcementCWE-89 8.8 High2023-10-20
CVE-2023-5001 Horizontal scrolling announcement <= 9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Horizontal scrolling announcementCWE-79 6.4 Medium2023-09-16

This page lists every published CVE security advisory associated with gopiplus. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.