Wpclever Wpc Smart Messages For Woocommerce
4 CVEs affecting Wpclever Wpc Smart Messages For Woocommerce. Latest disclosed: 2026-04-28. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-10436 | High | 8.8 | 2024-10-29 | The WPC Smart Messages for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.2.1 via the get_condi… |
CVE-2025-62903 | Medium | 6.5 | 2025-10-27 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPClever WPC Smart Messages for WooCommerce wpc-smart-mes… |
CVE-2026-6725 | Medium | 6.4 | 2026-04-28 | The WPC Smart Messages for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the `wpcsm_text_rotator` s… |
CVE-2024-10437 | Medium | 4.3 | 2024-10-29 | The WPC Smart Messages for WooCommerce plugin for WordPress is vulnerable to unauthorized Smar Message activation/deactivation due to a missing capability chec… |