Veronalabs Wp Sms
9 CVEs affecting Veronalabs Wp Sms. Latest disclosed: 2026-06-15. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-28136 | High | 7.6 | 2026-02-26 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VeronaLabs WP SMS wp-sms allows SQL Injection.This issue… |
CVE-2023-32742 | High | 7.1 | 2023-08-30 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in VeronaLabs WP SMS plugin <= 6.1.4 versions. |
CVE-2026-40790 | Medium | 6.5 | 2026-06-15 | Subscriber Sensitive Data Exposure in WP SMS <= 7.2.1 versions. |
CVE-2024-25920 | Medium | 6.5 | 2024-03-27 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VeronaLabs WP SMS allows Stored XSS.This issue affects WP… |
CVE-2026-25343 | Medium | 5.9 | 2026-02-19 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VeronaLabs WP SMS wp-sms allows DOM-Based XSS.This issue… |
CVE-2024-34811 | Medium | 5.9 | 2024-05-14 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VeronaLabs WP SMS allows Stored XSS.This issue affects WP… |
CVE-2025-62006 | Medium | 5.4 | 2025-10-22 | Missing Authorization vulnerability in VeronaLabs WP SMS wp-sms.This issue affects WP SMS: from n/a through <= 7.0.1. |
CVE-2024-43331 | Medium | 5.3 | 2024-08-22 | Missing Authorization vulnerability in VeronaLabs WP SMS.This issue affects WP SMS: from n/a through 6.9.3. |
CVE-2024-30454 | Medium | 4.3 | 2024-03-29 | Cross-Site Request Forgery (CSRF) vulnerability in VeronaLabs WP SMS.This issue affects WP SMS: from n/a through 6.6.2. |