| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-6490 | QueryMine sms GET Request Parameter deletecourse.php sql injection | QueryMine | sms | High | 7.3 | 2026-04-17 13:15:11 | Deep Dive |
| CVE-2026-6489 | QueryMine sms Background Management addteacher.php unrestricted upload | QueryMine | sms | Medium | 6.3 | 2026-04-17 13:00:21 | Deep Dive |
| CVE-2026-6488 | QueryMine sms GET Request Parameter editcourse.php sql injection | QueryMine | sms | Medium | 6.3 | 2026-04-17 12:45:11 | Deep Dive |
| CVE-2026-32373 | WordPress SMS Alert Order Notifications plugin <= 3.9.0 - Broken Access Control vulnerability | Cozy Vision | SMS Alert Order Notifications | 中危 | - | 2026-03-13 11:42:07 | Deep Dive |
| CVE-2018-25173 | Rmedia SMS 1.0 SQL Injection via editgrp.php | Sms | Rmedia SMS | High | 8.2 | 2026-03-06 12:19:04 | Deep Dive |
| CVE-2026-28136 | WordPress WP SMS plugin <= 6.9.12 - SQL Injection vulnerability | VeronaLabs | WP SMS | - | - | 2026-02-26 08:33:37 | Deep Dive |
| CVE-2026-22352 | WordPress Persian Woocommerce SMS plugin <= 7.1.1 - Reflected Cross Site Scripting (XSS) vulnerability | PersianScript | Persian Woocommerce SMS | - | - | 2026-02-20 15:47:01 | Deep Dive |
| CVE-2025-68031 | WordPress افزونه پیامک حرفه ای فراز اس ام اس plugin <= 2.7.3 - Reflected Cross Site Scripting (XSS) vulnerability | faraz sms | افزونه پیامک حرفه ای فراز اس ام اس | - | - | 2026-02-20 15:46:36 | Deep Dive |
| CVE-2026-25343 | WordPress WP SMS plugin <= 7.1 - Cross Site Scripting (XSS) vulnerability | VeronaLabs | WP SMS | - | - | 2026-02-19 08:26:59 | Deep Dive |
| CVE-2026-2676 | GoogTech sms-ssm API LoginInterceptor.java preHandle improper authorization | GoogTech | sms-ssm | Medium | 6.3 | 2026-02-18 22:02:07 | Deep Dive |
| CVE-2025-14799 | Brevo - Email, SMS, Web Push, Chat, and more. <= 3.3.0 - Unauthenticated Authorization Bypass via Type Juggling | neeraj_slit | Brevo – Email, SMS, Web Push, Chat, and more. | Medium | 6.5 | 2026-02-18 11:26:04 | Deep Dive |
| CVE-2025-14948 | miniOrange OTP Verification and SMS Notification for WooCommerce <= 4.3.8 - Missing Authorization to Unauthenticated Notification Settings Modification | cyberlord92 | miniOrange OTP Verification and SMS Notification for WooCommerce | Medium | 5.3 | 2026-01-10 07:03:56 | Deep Dive |
| CVE-2025-13077 | افزونه پیامک ووکامرس فوق حرفه ای (جدید) payamito sms woocommerce <= 1.3.5 - Unauthenticated Time-Based Blind SQL Injection | payamito | افزونه پیامک ووکامرس فوق حرفه ای (جدید) payamito sms woocommerce | High | 7.5 | 2025-12-13 04:31:27 | Deep Dive |
| CVE-2025-66086 | WordPress SMS Alert Order Notifications plugin <= 3.8.8 - Broken Access Control vulnerability | Cozy Vision | SMS Alert Order Notifications | Medium | 5.3 | 2025-11-21 12:29:58 | Deep Dive |
| CVE-2023-7327 | Ozeki SMS Gateway <= 10.3.208 Unauthenticated Arbitrary File Read | Ozeki Ltd. | Ozeki SMS Gateway | 中危 | - | 2025-11-12 22:07:07 | Deep Dive |
| CVE-2025-12580 | SMS for WordPress <= 1.1.8 - Reflected Cross-Site Scripting | stanleychoi | SMS for WordPress | Medium | 6.1 | 2025-11-05 03:27:57 | Deep Dive |
| CVE-2025-62915 | WordPress SMS Contact Form 7 Notifications by ClickSend plugin <= 1.4.0 - Broken Access Control vulnerability | clicksend | SMS Contact Form 7 Notifications by ClickSend | Medium | 4.3 | 2025-10-27 01:33:55 | Deep Dive |
| CVE-2025-62006 | WordPress WP SMS plugin <= 7.0.1 - Broken Access Control vulnerability | VeronaLabs | WP SMS | Medium | 5.4 | 2025-10-22 14:32:48 | Deep Dive |
| CVE-2025-49915 | WordPress SMS Alert Order Notifications plugin <= 3.8.5 - SQL Injection vulnerability | Cozy Vision | SMS Alert Order Notifications | Critical | 9.3 | 2025-10-22 14:32:12 | Deep Dive |
| CVE-2025-9967 | Orion SMS OTP Verification <= 1.1.7 - Authentication Bypass via Account Takeover | gsayed786 | Orion SMS OTP Verification. | Critical | 9.8 | 2025-10-15 08:26:00 | Deep Dive |