Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 95 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-13791 Bit Assist <= 1.5.2 - Path Traversal to Authenticated (Administrator+) Arbitrary File Read via downloadResponseFile Function bitpressadminChat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist Medium 4.9 2025-02-14 11:10:58 Deep Dive
CVE-2025-23607 WordPress CAMOO SMS plugin <= 3.0.1 - Reflected Cross Site Scripting (XSS) vulnerability Camoo SarlCAMOO SMS High 7.1 2025-01-22 14:29:17 Deep Dive
CVE-2024-56284 WordPress SSL Wireless SMS Notification Plugin <= 3.5.0 - SQL Injection vulnerability sslpluginsSSL Wireless SMS Notification Critical 9.3 2025-01-07 10:49:19 Deep Dive
CVE-2024-11725 SMS Alert Order Notifications – WooCommerce <= 3.7.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update cozyvision1SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery High 8.8 2025-01-07 06:40:56 Deep Dive
CVE-2024-11434 WP – Bulk SMS – by SMS.to <= 1.0.12 - Reflected Cross-Site Scripting intergotelecomWP – Bulk SMS – by SMS.to Medium 6.1 2025-01-07 04:21:56 Deep Dive
CVE-2024-56220 WordPress SSL Wireless SMS Notification plugin <= 3.6.0 - Privilege Escalation vulnerability sslpluginsSSL Wireless SMS Notification Critical 9.8 2024-12-31 10:05:04 Deep Dive
CVE-2024-12220 SMS for WooCommerce <= 2.8.1 - Cross-Site Request Forgery to Reflected Cross-Site Scripting theafricanbossSMS for WooCommerce Medium 6.1 2024-12-17 07:23:16 Deep Dive
CVE-2024-54312 WordPress افزونه پیامک ووکامرس Persian WooCommerce SMS plugin <= 7.0.5 - Reflected Cross Site Scripting (XSS) vulnerability PersianScriptPersian Woocommerce SMS High 7.1 2024-12-13 14:25:21 Deep Dive
CVE-2023-48287 WordPress TextMe SMS plugin <= 1.9.0 - Broken Access Control vulnerability Matat TechnologiesTextMe SMS Medium 5.4 2024-12-09 11:30:30 Deep Dive
CVE-2024-11353 SMS for Lead Capture Forms <= 1.1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Message Deletion clicksendSMS for Lead Capture Forms Medium 4.3 2024-12-07 01:45:52 Deep Dive
CVE-2024-10046 افزونه پیامک ووکامرس Persian WooCommerce SMS <= 7.0.5 - Reflected Cross-Site Scripting persianscriptافزونه پیامک ووکامرس Persian WooCommerce SMS Medium 6.1 2024-12-07 01:45:49 Deep Dive
CVE-2024-53784 WordPress Smart Marketing SMS and Newsletters Forms plugin <= 5.0.4 - Broken Access Control vulnerability E-goiSmart Marketing SMS and Newsletters Forms Medium 4.3 2024-12-02 13:48:27 Deep Dive
CVE-2024-51637 WordPress Admin SMS Alert plugin <= 1.1.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerability sroyaltyAdmin SMS Alert High 7.1 2024-11-19 16:32:28 Deep Dive
CVE-2024-51688 WordPress FraudLabs Pro SMS Verification plugin <= 1.10.1 - CSRF to Stored XSS vulnerability fraudlabsproFraudLabs Pro SMS Verification High 7.1 2024-11-14 20:04:08 Deep Dive
CVE-2024-10233 SMSAlert - WooCommerce <= 3.7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via sa_subscribe Shortcode cozyvision1SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery Medium 6.4 2024-10-29 11:01:36 Deep Dive
CVE-2024-9213 Persian WooCommerce SMS <= 7.0.2 - Reflected Cross-Site Scripting persianscriptافزونه پیامک ووکامرس Persian WooCommerce SMS Medium 6.1 2024-10-17 06:52:34 Deep Dive
CVE-2022-4974 Freemius SDK <= 2.4.2 - Missing Authorization Checks dashlabsltdYASR – Yet Another Star Rating Plugin for WordPress Medium 6.3 2024-10-16 06:43:30 Deep Dive
CVE-2024-39657 WordPress Sender plugin <= 2.6.18 - Cross Site Request Forgery (CSRF) vulnerability SenderSender – Newsletter, SMS and Email Marketing Automation for WooCommerce Medium 4.3 2024-08-26 20:54:09 Deep Dive
CVE-2024-43331 WordPress WP SMS plugin <= 6.9.3 - Broken Access Control vulnerability VeronaLabsWP SMS Medium 5.3 2024-08-22 11:29:45 Deep Dive
CVE-2024-43126 WordPress Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce plugin <= 2.6.14 - Cross Site Scripting (XSS) vulnerability SenderSender – Newsletter, SMS and Email Marketing Automation for WooCommerce High 7.1 2024-08-12 22:34:23 Deep Dive