cleantalk
Vulnerabilities and Security Researches

WANotifier – Send Message Notifications Using Cloud API, CVE-2025-68020

CVE, Research URL

CVE-2025-68020

Home page URL

Security reports for WANotifier – Send Message Notifications Using Cloud API

Application

WANotifier – Send Message Notifications Using Cloud API

Published on
Jan 22, 2026
Research Description
Missing Authorization vulnerability in WANotifier WANotifier notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WANotifier: from n/a through <= 2.7.12.
Affected versions
max 2.7.12.
Status
vulnerable
Previous vulnerability researches
Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms (CVE-2026-24559) , Jan 27, 2026
Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms (CVE-2025-68590) , Jan 10, 2026
Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms (56cb8480-1791-4990-8fc7-2cb98a10c207) , Jun 06, 2024
Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms (CVE-2024-34756) , Jun 06, 2024
Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms (CVE-2023-31095) , Jun 06, 2024
New vulnerability
Custom Fonts &#8211; Host Your Fonts Locally (CVE-2025-14351) , Jan 28, 2026
SiteLock Security (CVE-2026-24532) , Jan 28, 2026
Civic Cookie Control (CVE-2026-22348) , Jan 28, 2026
Event Manager, Events Calendar, Events Tickets for WooCommerce &#8211; Eventin (CVE-2025-14657) , Jan 28, 2026
Event Manager, Events Calendar, Events Tickets for WooCommerce &#8211; Eventin (CVE-2025-68047) , Jan 28, 2026