Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Magic Responsive Slider and Carousel WordPress allows SQL Injection. This issue affects Magic Responsive Slider and Carousel WordPress: from n/a through 1.4.
CVE ID: CVE-2025-31640
CVSS Base Severity: HIGH
CVSS Base Score: 8.5
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Vendor: LambertGroup
Product: Magic Responsive Slider and Carousel WordPress
EPSS Score: 0.03% (probability of being exploited)
EPSS Percentile: 7.98% (scored less or equal to compared to others)
EPSS Date: 2025-06-06 (when was this score calculated)