| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-24881 | WordPress WP SMS Plugin <= 6.5.2 is vulnerable to Cross Site Scripting (XSS) | VeronaLabs | WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc | High | 7.1 | 2024-02-08 11:19:22 | Deep Dive |
| CVE-2023-6980 | WP SMS <= 6.5 - Cross-Site Request Forgery to Subscriber Deletion | veronalabs | WSMS (formerly WP SMS) – SMS & MMS Notifications with OTP and 2FA for WooCommerce | Medium | 4.3 | 2024-01-03 05:31:19 | Deep Dive |
| CVE-2023-6981 | WP SMS <= 6.5 - Authenticated (Admin+) SQL Injection to Reflected Cross-Site Scripting | veronalabs | WSMS (formerly WP SMS) – SMS & MMS Notifications with OTP and 2FA for WooCommerce | Medium | 6.1 | 2024-01-03 05:31:19 | Deep Dive |
| CVE-2023-27447 | WordPress WP SMS Plugin <= 6.0.4 is vulnerable to Sensitive Data Exposure | VeronaLabs | WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc | Medium | 5.3 | 2023-12-28 10:53:55 | Deep Dive |
| CVE-2023-2701 | Gravity Forms < 2.7.5 - Reflected XSS | Unknown | gravityforms | 中危 | - | 2023-07-17 13:30:01 | Deep Dive |
| CVE-2023-2326 | Gravity Forms Google Sheet Connector < 1.3.5 - Access Code Update via CSRF | Unknown | Gravity Forms Google Sheet Connector | 中危 | - | 2023-06-27 13:17:25 | Deep Dive |