Sms Alert Order Notifications Security Vulnerabilities and Issues — Sms Alert Order Notifications CVE List

Lucene search

CozyvisionSms Alert Order Notifications

7 matches found

CVE•added 2025/05/10 12:15 p.m.•51 views

CVE-2025-3876

The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Privilege Escalation due to insufficient user OTP validation in the handleWpLoginCreateUserAction() function in all versions up to, and including, 3.8.1. This makes it possible for authenticated attackers, with Su...

8.8CVSS8.6AI score0.00065EPSS

CVE•added 2025/03/03 2:15 p.m.•50 views

CVE-2025-26988

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision SMS Alert Order Notifications – WooCommerce allows SQL Injection. This issue affects SMS Alert Order Notifications – WooCommerce: from n/a through 3.7.8.

9.3CVSS9.6AI score0.00056EPSS

CVE•added 2025/03/03 2:15 p.m.•48 views

CVE-2025-26984

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cozy Vision SMS Alert Order Notifications – WooCommerce allows Reflected XSS. This issue affects SMS Alert Order Notifications – WooCommerce: from n/a through 3.7.8.

7.1CVSS7AI score0.00059EPSS

CVE•added 2025/05/12 7:15 p.m.•48 views

CVE-2025-47682

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision Technologies Pvt. Ltd. SMS Alert Order Notifications – WooCommerce allows SQL Injection.This issue affects SMS Alert Order Notifications – WooCommerce: from n/a through 3.8.2.

9.8CVSS7.7AI score0.00046EPSS

CVE•added 2025/05/10 12:15 p.m.•47 views

CVE-2025-3878

The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sa_verify shortcode in all versions up to, and including, 3.8.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it po...

6.4CVSS5.7AI score0.00041EPSS

CVE•added 2025/04/01 12:15 p.m.•41 views

CVE-2024-13553

The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.7.9. This is due to the plugin using the Host header to determine if the plugin is in a playground environment. This makes it possi...

9.8CVSS7.6AI score0.00139EPSS

CVE•added 2025/01/07 7:15 a.m.•37 views

CVE-2024-11725

The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the updateWcWarrantySettings() function in all versions up to, and including, 3.7.6. This makes it possi...

8.8CVSS8.8AI score0.00174EPSS