CVE-2026-32373

CVE-2026-32373 concerns the WordPress plugin SMS Alert Order Notifications (versions

WordPress plugin SMS Alert Order Notifications 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2025-49915 WordPress SMS Alert Order Notifications plugin <= 3.8.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows SQL Injection.This issue affects SMS Alert Order Notifications: from n/a through = 3.8.5...

EUVD-2025-14278

Malicious code in bioql PyPI...

EUVD-2025-5626

Malicious code in bioql PyPI...

CVE-2025-47682

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows SQL Injection.This issue affects SMS Alert Order Notifications: from n/a through = 3.8.1...

CVE-2025-47682

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows SQL Injection.This issue affects SMS Alert Order Notifications: from n/a through = 3.8.1...

CVE-2025-3878 SMS Alert Order Notifications – WooCommerce <= 3.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via sa_verify Shortcode

The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's saverify shortcode in all versions up to, and including, 3.8.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2025-3876 SMS Alert Order Notifications – WooCommerce <= 3.8.1 - Authenticated (Subscriber+) Privilege Escalation via handleWpLoginCreateUserAction Function

The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Privilege Escalation due to insufficient user OTP validation in the handleWpLoginCreateUserAction function in all versions up to, and including, 3.8.1. This makes it possible for authenticated attackers, with...

WordPress SMS Alert Order Notifications – WooCommerce plugin <= 3.7.9 - Unauthenticated Account Takeover/Privilege Escalation vulnerability

Unauthenticated Account Takeover/Privilege Escalation vulnerability discovered by Lucio Sá in WordPress Plugin SMS Alert Order Notifications versions = 3.7.9...

CVE-2025-26988

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows SQL Injection.This issue affects SMS Alert Order Notifications: from n/a through = 3.7.8...

CVE-2025-26984

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Reflected XSS.This issue affects SMS Alert Order Notifications: from n/a through = 3.7.8...

CVE-2025-26984

CVE-2025-26984 is a Reflected XSS in the WordPress plugin SMS Alert Order Notifications – WooCommerce (vulnerable from n/a through 3.7.8). Public sources classify impact as MEDIUM to HIGH depending on scoring source (NVD CVSSv3.1: 6.1; Patchstack CNA: 7.1). The vulnerability affects The Cozy Visi...

WordPress SMS Alert Order Notifications – WooCommerce plugin <= 3.7.8 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin SMS Alert Order Notifications versions = 3.7.8...

CVE-2024-10233 SMSAlert - WooCommerce <= 3.7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via sa_subscribe Shortcode

The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sasubscribe shortcode in all versions up to, and including, 3.7.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...

CVE-2024-10233

CVE-2024-10233 affects the SMS Alert Order Notifications – WooCommerce WordPress plugin. It is vulnerable in all versions up to and including 3.7.5 due to insufficient input sanitization and output escaping on the sa_subscribe shortcode attributes, enabling an authenticated attacker with contribu...

CVE-2024-1489

The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.6.9. This is due to missing or incorrect nonce validation on the processBulkAction function. This makes it possible for unauthenticated attacker...

CVE-2024-1489

The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.6.9. This is due to missing or incorrect nonce validation on the processBulkAction function. This makes it possible for unauthenticated attacker...

SMS Alert Order Notifications – WooCommerce < 3.7.0 - Cross-Site Request Forgery

Description The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.6.9. This is due to missing or incorrect nonce validation on the processBulkAction function. This makes it possible for...

WordPress 插件跨站脚本漏洞

WordPress is a set of blogging platforms developed by the WordPress Wordpress Foundation using the PHP language. A cross-site scripting vulnerability exists in the WordPress plugin, which stems from a cross-site scripting XSS vulnerability in the settings page of the SMS Alert Order Notifications...