cleantalk
Vulnerabilities and Security Researches

WP Google Review Slider, CVE-2019-25745

CVE, Research URL

CVE-2019-25745

Home page URL

Security reports for WP Google Review Slider

Application

WP Google Review Slider

Published on
Jun 04, 2026
Research Description
WordPress Plugin Google Review Slider 6.1 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'tid' parameter. Attackers can send GET requests to the admin interface with malicious 'tid' values to extract sensitive database information using time-based blind SQL injection techniques.
Affected versions
max 6.1.
Status
vulnerable
Previous vulnerability researches
Support Ticket System (CVE-2015-7670) , Jun 10, 2024
New vulnerability
Slider by Soliloquy – Responsive Image Slider for WordPress (CVE-2019-25743) , Jun 06, 2026
Photo Gallery by 10Web – Mobile-Friendly Image Gallery (CVE-2026-49771) , Jun 06, 2026
Popup Builder – Create highly converting, mobile friendly marketing popups. (CVE-2019-25744) , Jun 06, 2026
WP Google Review Slider (CVE-2019-25745) , Jun 06, 2026
LMS by Masteriyo – WordPress Learning Management System, eLearning Platform, Online Education System & Online Course (CVE-2026-42743) , Jun 05, 2026