2 matches found
CVE-2017-17780
CVE-2017-17780 describes a Reflected XSS in the Clockwork SMS WordPress integration. The vulnerability resides in clockwork-test-message.php and is triggered by a crafted value in the GET parameter to, e.g., wp-admin/admin.php?page=clockwork_test_message. The issue affects multiple plugins that e...
CVE-2023-50843
CVE-2023-50843 pertains to Clockwork SMS Notfications for WordPress. The vulnerability is an SQL Injection due to improper input handling in the plugin, affecting versions from n/a up to 3.0.4. The exploitation would be via an authenticated context (Authenticated(Administrator+) as indicated in r...