| CVE-2025-5955 | Service Finder SMS System <= 2.0.0 - Authentication Bypass | aonetheme | Service Finder SMS System | High | 8.1 | 2025-09-19 04:27:05 | Deep Dive |
| CVE-2025-5954 | Service Finder SMS System <= 2.0.0 - Unauthenticated Privilege Escalation | aonetheme | Service Finder SMS System | Critical | 9.8 | 2025-08-01 02:24:18 | Deep Dive |
| CVE-2025-7692 | Orion Login with SMS <= 1.0.5 - Authentication Bypass via Weak OTP | gsayed786 | Orion Login with SMS | High | 8.1 | 2025-07-22 09:22:43 | Deep Dive |
| CVE-2025-49315 | WordPress Persian Woocommerce SMS plugin <= 7.0.10 - SQL Injection Vulnerability | PersianScript | Persian Woocommerce SMS | High | 7.6 | 2025-06-06 12:53:52 | Deep Dive |
| CVE-2025-47682 | WordPress SMS Alert Order Notifications – WooCommerce plugin <= 3.8.1 - SQL Injection Vulnerability | Cozy Vision | SMS Alert Order Notifications | - | - | 2025-05-12 18:19:44 | Deep Dive |
| CVE-2025-3876 | SMS Alert Order Notifications – WooCommerce <= 3.8.1 - Authenticated (Subscriber+) Privilege Escalation via handleWpLoginCreateUserAction Function | cozyvision1 | SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery | High | 8.8 | 2025-05-10 11:22:46 | Deep Dive |
| CVE-2025-3878 | SMS Alert Order Notifications – WooCommerce <= 3.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via sa_verify Shortcode | cozyvision1 | SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery | Medium | 6.4 | 2025-05-10 11:22:46 | Deep Dive |
| CVE-2025-3776 | Verification SMS with TargetSMS <= 1.5 - Unauthenticated Limited Remote Code Execution | cajka | Verification SMS with TargetSMS | High | 8.3 | 2025-04-24 08:23:53 | Deep Dive |
| CVE-2025-31789 | WordPress TextMe SMS plugin <= 1.9.1 - Broken Access Control vulnerability | Matat Technologies | TextMe SMS | Medium | 6.5 | 2025-04-03 13:27:14 | Deep Dive |
| CVE-2024-13553 | SMS Alert Order Notifications – WooCommerce <= 3.7.9 - Unauthenticated Account Takeover/Privilege Escalation | cozyvision1 | SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery | Critical | 9.8 | 2025-04-01 11:12:29 | Deep Dive |
| CVE-2025-2983 | Legrand SMS PowerView os command injection | Legrand | SMS PowerView | Medium | 5.5 | 2025-03-31 08:00:09 | Deep Dive |
| CVE-2025-2982 | Legrand SMS PowerView file inclusion | Legrand | SMS PowerView | Medium | 6.3 | 2025-03-31 07:31:04 | Deep Dive |
| CVE-2025-2981 | Legrand SMS PowerView cross site scripting | Legrand | SMS PowerView | Low | 3.5 | 2025-03-31 07:00:10 | Deep Dive |
| CVE-2025-2980 | Legrand SMS PowerView redirect | Legrand | SMS PowerView | Low | 3.5 | 2025-03-31 06:31:04 | Deep Dive |
| CVE-2025-31457 | WordPress LWS SMS plugin <= 2.4.1 - Cross Site Request Forgery (CSRF) Vulnerability | Aurélien LWS | LWS SMS | Medium | 5.4 | 2025-03-28 11:54:11 | Deep Dive |
| CVE-2025-26984 | WordPress SMS Alert Order Notifications – WooCommerce plugin <= 3.7.8 - Reflected Cross Site Scripting (XSS) vulnerability | Cozy Vision | SMS Alert Order Notifications | High | 7.1 | 2025-03-03 13:30:42 | Deep Dive |
| CVE-2025-26988 | WordPress SMS Alert Order Notifications – WooCommerce plugin <= 3.7.8 - SQL Injection vulnerability | Cozy Vision | SMS Alert Order Notifications | Critical | 9.3 | 2025-03-03 13:30:42 | Deep Dive |
| CVE-2025-1450 | Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button, WhatsApp – Chaty <= 3.3.5 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | premio | Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty | Medium | 6.4 | 2025-02-27 09:21:49 | Deep Dive |
| CVE-2025-0822 | Bit Assist <= 1.5.2 - Path Traversal to Authenticated (Subscriber+) Arbitrary File Read via fileID Parameter | bitpressadmin | Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist | Medium | 6.5 | 2025-02-15 12:43:03 | Deep Dive |
| CVE-2024-13791 | Bit Assist <= 1.5.2 - Path Traversal to Authenticated (Administrator+) Arbitrary File Read via downloadResponseFile Function | bitpressadmin | Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist | Medium | 4.9 | 2025-02-14 11:10:58 | Deep Dive |