SQL Injection Vulnerability in Pixelating Image Slideshow Gallery by gopiplus
CVE-2025-30979

8.5HIGH

Key Information:

Vendor: WordPress
Status: Pixelating Image Slideshow Gallery
Vendor: CVE Published:; 4 July 2025

What is CVE-2025-30979?

A vulnerability exists in the Pixelating Image Slideshow Gallery developed by gopiplus where improper neutralization of special elements used in SQL commands allows for SQL Injection attacks. This vulnerability may allow an attacker to manipulate database queries, leading to unauthorized data exposure or modification. All versions from n/a through 8.0 are affected, making it crucial for users to patch their installations promptly to maintain security.

Affected Version(s)

Pixelating image slideshow gallery <= 8.0

References

https://patchstack.com/database/wordpress/plugin/pixelati...

vdb-entry

CVSS V3.1

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 4, 2025
Vulnerability Reserved
Mar 26, 2025

Credit

Peter Thaleikis (Patchstack Alliance)