Lucene search
VeronalabsWp Sms
2 matches found
CVE-2024-34811
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VeronaLabs WP SMS allows Stored XSS.This issue affects WP SMS: from n/a through 6.5.1.
5.9CVSS6.6AI score0.00164EPSS
CVE-2021-24561
The WP SMS WordPress plugin before 5.4.13 does not sanitise the "wp_group_name" parameter before outputting it back in the "Groups" page, leading to an Authenticated Stored Cross-Site Scripting issue
5.4CVSS5.3AI score0.00202EPSS