CVE-2026-40790 WordPress WP SMS plugin <= 7.2.1 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in WP SMS = 7.2.1 versions...

CVE-2026-40790 WordPress WP SMS plugin <= 7.2.1 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in WP SMS = 7.2.1 versions...

CVE-2026-40790

The CVE-2026-40790 entry concerns the WordPress WP SMS plugin, versions ≤ 7.2.1, with a Subscriber Sensitive Data Exposure vulnerability. The connected data specify a network-accessible issue with low attacker privileges, no user interaction, and high confidentiality impact (CVSS v3.1 base 6.5, M...

CVE-2022-50960

WordPress International SMS for Contact Form 7 Integration version 1.2 contains a reflected cross-site scripting vulnerability in the page parameter of the admin settings interface. Attackers can inject malicious scripts through the page parameter in class-sms-log-display.php to execute arbitrary...

WordPress WP SMS plugin <= 7.2.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Jakub Herman in WordPress Plugin WP SMS versions = 7.2.1...

CVE-2026-28136 WordPress WP SMS plugin <= 6.9.12 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VeronaLabs WP SMS wp-sms allows SQL Injection.This issue affects WP SMS: from n/a through = 6.9.12...

CVE-2026-28136 WordPress WP SMS plugin <= 6.9.12 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VeronaLabs WP SMS wp-sms allows SQL Injection.This issue affects WP SMS: from n/a through = 6.9.12...

CVE-2025-68031

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in faraz sms افزونه پیامک حرفه ای فراز اس ام اس farazsms allows Reflected XSS.This issue affects افزونه پیامک حرفه ای فراز اس ام اس: from n/a through = 2.7.3...

CVE-2025-68031

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in faraz sms افزونه پیامک حرفه ای فراز اس ام اس farazsms allows Reflected XSS.This issue affects افزونه پیامک حرفه ای فراز اس ام اس: from n/a through = 2.7.3...

CVE-2025-68031 WordPress افزونه پیامک حرفه ای فراز اس ام اس plugin <= 2.7.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in faraz sms افزونه پیامک حرفه ای فراز اس ام اس farazsms allows Reflected XSS.This issue affects افزونه پیامک حرفه ای فراز اس ام اس: from n/a through = 2.7.3...

PT-2026-21077

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in faraz sms افزونه پیامک حرفه ای فراز اس ام اس farazsms allows Reflected XSS.This issue affects افزونه پیامک حرفه ای فراز اس ام اس: from n/a through = 2.7.3...

CVE-2026-25343

CVE-2026-25343 is a DOM-based XSS in the VeronaLabs WP SMS wp-sms WordPress plugin (

WordPress plugin WP SMS 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress WP SMS plugin <= 7.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Ali Osman ERBAS 0110m4n in WordPress Plugin WP SMS versions = 7.1...

CVE-2017-18555

The booking-sms plugin before 1.1.0 for WordPress has XSS...

CVE-2025-13077

The افزونه پیامک ووکامرس فوق حرفه ای جدید payamito sms woocommerce plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'columns' parameter in all versions up to, and including, 1.3.5. This is due to insufficient escaping on the user supplied parameter and lack of sufficie...

CVE-2025-62006

Missing Authorization vulnerability in VeronaLabs WP SMS wp-sms.This issue affects WP SMS: from n/a through = 7.0.1...

CVE-2025-62006

Missing Authorization vulnerability in VeronaLabs WP SMS wp-sms.This issue affects WP SMS: from n/a through = 7.0.1...

CVE-2025-62006 WordPress WP SMS plugin <= 7.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in VeronaLabs WP SMS wp-sms.This issue affects WP SMS: from n/a through = 7.0.1...

WordPress WP SMS plugin <= 7.0.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Denver Jackson in WordPress Plugin WP SMS versions = 7.0.1...