WordPress WP SMS plugin <= 7.2.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Jakub Herman in WordPress Plugin WP SMS versions = 7.2.1...

CVE-2026-28136 WordPress WP SMS plugin <= 6.9.12 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VeronaLabs WP SMS wp-sms allows SQL Injection.This issue affects WP SMS: from n/a through = 6.9.12...

CVE-2026-25343

CVE-2026-25343 is a DOM-based XSS in the VeronaLabs WP SMS wp-sms WordPress plugin (

WordPress plugin WP SMS 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress WP SMS Plugin <= 6.3.4 is vulnerable to Cross Site Scripting (XSS)

Software WP SMS Type Plugin Vulnerable versions = 6.3.4 Fixed in 6.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-25920 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2e899db47af6 Credits Khalid Yusuf Required privilege Contributor...

WordPress WP SMS Plugin <= 6.5.1 is vulnerable to Cross Site Scripting (XSS)

Software WP SMS Type Plugin Vulnerable versions = 6.5.1 Fixed in 6.5.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b81910d51fc0 Credits WordFence Required privilege Contributor...

CVE-2023-27447

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in VeronaLabs WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc.This issue affects WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc: from n/a through 6.0.4...

CVE-2023-32742

Unauth. Reflected Cross-Site Scripting XSS vulnerability in VeronaLabs WP SMS plugin = 6.1.4 versions...

CVE-2023-32742

Unauth. Reflected Cross-Site Scripting XSS vulnerability in VeronaLabs WP SMS plugin = 6.1.4 versions...

WordPress SMS for WooCommerce Plugin <= 2.6 is vulnerable to Cross Site Scripting (XSS)

Software SMS for WooCommerce Type Plugin Vulnerable versions = 2.6 Fixed in 2.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0418ff42f218 Credits Rafie Muhammad Patchstack Requir...

WordPress WP SMS Plugin <= 6.1.4 is vulnerable to Cross Site Scripting (XSS)

Software WP SMS Type Plugin Vulnerable versions = 6.1.4 Fixed in 6.1.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-32742 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID aa3cfae9ba33 Credits Le Ngoc Anh Required...