PT-2022-25172 · Twilio · Twilio

Name of the Vulnerable Software and Affected Versions: Donation Button WordPress plugin versions through 4.0.0 Description: The issue concerns a lack of proper privilege and nonce token checks in the donation button twilio send test sms AJAX action. This may allow users with an account on the...

WordPress Amelia plugin Amelia SMS service authorization issue vulnerability

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress plugin is a WordPress open source application plugin. WordPress Amelia plugin is vulnerable to a...

CVE-2022-0837

The Amelia WordPress plugin before 1.0.48 does not have proper authorisation when handling Amelia SMS service, allowing any customer to send paid test SMS notification as well as retrieve sensitive information about the admin, such as the email, account balance and payment history. A malicious...

PT-2022-13461 · WordPress · Amelia

Name of the Vulnerable Software and Affected Versions: Amelia WordPress plugin versions prior to 1.0.48 Description: The issue allows any customer to send paid test SMS notifications and retrieve sensitive information about the admin, such as email, account balance, and payment history. A malicio...