46 matches found
CVE-2025-14948
The miniOrange OTP Verification and SMS Notification for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the enablewcsmsnotification AJAX action in all versions up to, and including, 4.3.8. This makes it possible for...
WordPress plugin miniOrange OTP Verification and SMS Notification for WooCommerce 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
CVE-2017-18495
The gravity-forms-sms-notifications plugin before 2.4.0 for WordPress has XSS...
CVE-2025-62915
Missing Authorization vulnerability in clicksend SMS Contact Form 7 Notifications by ClickSend clicksend-contactform7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMS Contact Form 7 Notifications by ClickSend: from n/a through = 1.4.0...
EUVD-2009-2805
Malware in sbrugna...
EUVD-2022-49120
Malicious code in bioql PyPI...
EUVD-2023-55576
Malicious code in bioql PyPI...
EUVD-2024-19718
Malicious code in bioql PyPI...
CVE-2023-50843
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Clockwork Clockwork SMS Notfications.This issue affects Clockwork SMS Notfications: from n/a through 3.0.4...
CVE-2022-0837
The Amelia WordPress plugin before 1.0.48 does not have proper authorisation when handling Amelia SMS service, allowing any customer to send paid test SMS notification as well as retrieve sensitive information about the admin, such as the email, account balance and payment history. A malicious...
CVE-2018-11631
Rondaful M1 Wristband Smart Band 1 devices allow remote attackers to send an arbitrary number of call or SMS notifications via crafted Bluetooth Low Energy BLE traffic...
CVE-2009-2815
The Telephony component in Apple iPhone OS before 3.1 does not properly handle SMS arrival notifications, which allows remote attackers to cause a denial of service NULL pointer dereference and service interruption via a crafted SMS message...
CVE-2025-26984 WordPress SMS Alert Order Notifications – WooCommerce plugin <= 3.7.8 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Reflected XSS.This issue affects SMS Alert Order Notifications: from n/a through = 3.7.8...
SUSE CVE-2024-22122
Zabbix allows to configure SMS notifications. AT command injection occurs on "Zabbix Server" because there is no validation of "Number" field on Web nor on Zabbix server side. Attacker can run test of SMS providing specially crafted phone number and execute additional AT commands on modem...
CVE-2024-22122
Zabbix allows to configure SMS notifications. AT command injection occurs on "Zabbix Server" because there is no validation of "Number" field on Web nor on Zabbix server side. Attacker can run test of SMS providing specially crafted phone number and execute additional AT commands on modem...
CVE-2024-22122
Zabbix allows to configure SMS notifications. AT command injection occurs on "Zabbix Server" because there is no validation of "Number" field on Web nor on Zabbix server side. Attacker can run test of SMS providing specially crafted phone number and execute additional AT commands on modem...
DEBIAN-CVE-2024-22122
Zabbix allows to configure SMS notifications. AT command injection occurs on "Zabbix Server" because there is no validation of "Number" field on Web nor on Zabbix server side. Attacker can run test of SMS providing specially crafted phone number and execute additional AT commands on modem...
CVE-2024-22122
Zabbix allows to configure SMS notifications. AT command injection occurs on "Zabbix Server" because there is no validation of "Number" field on Web nor on Zabbix server side. Attacker can run test of SMS providing specially crafted phone number and execute additional AT commands on modem...
CVE-2024-22122 AT(GSM) Command Injection
Zabbix allows to configure SMS notifications. AT command injection occurs on "Zabbix Server" because there is no validation of "Number" field on Web nor on Zabbix server side. Attacker can run test of SMS providing specially crafted phone number and execute additional AT commands on modem...
CVE-2024-22122 AT(GSM) Command Injection
Zabbix allows to configure SMS notifications. AT command injection occurs on "Zabbix Server" because there is no validation of "Number" field on Web nor on Zabbix server side. Attacker can run test of SMS providing specially crafted phone number and execute additional AT commands on modem...