CVE-2025-9198 | Wp Cycle Text Announcement Plugin up to 8.1 on WordPress Shortcode cycle-text sql injection

A vulnerability identified as critical has been detected in Wp Cycle Text Announcement Plugin up to 8.1 on WordPress. The impacted element is the function cycle-text of the component Shortcode Handler. This manipulation causes sql injection.

The identification of this vulnerability is CVE-2025-9198. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More