cleantalk
Vulnerabilities and Security Researches

SMS Alert Order Notifications – WooCommerce, CVE-2025-49915

CVE, Research URL

CVE-2025-49915

Home page URL

Security reports for SMS Alert Order Notifications – WooCommerce

Application

SMS Alert Order Notifications – WooCommerce

Published on
Oct 22, 2025
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows SQL Injection.This issue affects SMS Alert Order Notifications: from n/a through <= 3.8.5.
Affected versions
max 3.8.5.
Status
vulnerable
Previous vulnerability researches
WP Logo Changer (CVE-2025-53245) , Nov 10, 2025
New vulnerability
JB News Ticker (CVE-2025-11804) , Nov 11, 2025
My auctions allegro (CVE-2025-10048) , Nov 11, 2025
Sertifier Certificates &amp; Open Badges &#8211; Tutor LMS (CVE-2025-53214) , Nov 11, 2025
Toast Mobile Menu &#8211; PageSpeed Insights Friendly (CVE-2025-53238) , Nov 11, 2025
Stripe Payment forms for WordPress Plugin – WP Full Pay (CVE-2025-9322) , Nov 11, 2025