CVE-2025-68010

CVE-2025-68010 is a Reflected XSS in the WordPress Netgsm plugin. Affected: Netgsm

CVE-2025-60143

Netgsm plugin for WordPress (Netgsm), versions up to 2.9.58, has a Missing Authorization (Broken Access Control) vulnerability due to incorrectly configured access control levels. The CVE-2025-60143 entry is listed as Unpatched in the provided documents; exploitation status and mitigations are no...

WordPress Netgsm Plugin <= 2.9.19 is vulnerable to Broken Access Control

Software Netgsm Type Plugin Vulnerable versions = 2.9.19 Fixed in 2.9.20 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-35672 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID ec4277f3436d Credits Majed Refaea Required privilege...

WordPress Netgsm Plugin <= 2.8 is vulnerable to Cross Site Scripting (XSS)

Software Netgsm Type Plugin Vulnerable versions = 2.8 Fixed in 2.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32544 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 046a3267c000 Credits Majed Refaea Required privilege Unauthenticat...