cleantalk
Vulnerabilities and Security Researches

WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc, fc2d7281-abec-475b-8e8d-8dbc47de78da

CVE, Research URL

fc2d7281-abec-475b-8e8d-8dbc47de78da

Home page URL

Security reports for WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc

Application

WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc

Published on
-
Research Description
WSMS (formerly WP SMS) – SMS &amp; MMS Notifications with OTP and 2FA for WooCommerce [wp-sms] < 6.2.0 WP SMS &lt; 6.2.0 - User Unsubscribe via CSRF The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
Affected versions
max 6.2.0.
Status
vulnerable
Previous vulnerability researches
BP Group Documents (8baef861c378b15eb8c204ede505bfadd5814db1) , Jun 07, 2024
BP Group Documents (6680bcfa-bc62-472f-8f56-22c84276297d) , Jun 16, 2026
BP Group Documents (5063acc729c4a8181d4837a67fa533b9338c53d7) , Jun 16, 2026
BP Group Documents (98d70764-8d00-4faa-8b52-89a1c27dc69e) , Jun 16, 2026
BP Group Documents (51acb6f4-f861-44b2-bf18-40ce0e63b92f) , Jun 16, 2026
New vulnerability
Request a Quote (359a61d5705c479c547aeae7536b6ad5e6d3b1c8) , Jun 16, 2026
Request a Quote (6eba2aa8fd71d4ea7dd969e0a5b52e3f1366a2fa) , Jun 16, 2026
Request a Quote (4bc92bf8b452fa0f54703c576853e3a3e56157bd) , Jun 16, 2026
Request a Quote (5e7ad671f8a77a469a90b6a2aae807bbb1bc5199) , Jun 16, 2026
WP Tools Divi Product Carousel (d2857175794c39e5c1d58063dbe17bd1f0436931) , Jun 16, 2026