cleantalk
Vulnerabilities and Security Researches

SMS Alert Order Notifications – WooCommerce, CVE-2025-49915

CVE, Research URL

CVE-2025-49915

Home page URL

Security reports for SMS Alert Order Notifications – WooCommerce

Application

SMS Alert Order Notifications – WooCommerce

Published on
Oct 22, 2025
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows SQL Injection.This issue affects SMS Alert Order Notifications: from n/a through <= 3.8.5.
Affected versions
max 3.8.5.
Status
vulnerable
Previous vulnerability researches
TableOn &#8211; WordPress Posts Table Filterable  (CVE-2025-32569) , Apr 13, 2025
TableOn &#8211; WordPress Posts Table Filterable  (3baac97a62718d22a0676a3b26aea087baf75743) , Jun 07, 2024
TableOn &#8211; WordPress Posts Table Filterable  (CVE-2025-5143) , Jul 03, 2025
TableOn &#8211; WordPress Posts Table Filterable  (CVE-2025-32218) , Apr 06, 2025
TableOn &#8211; WordPress Posts Table Filterable  (CVE-2025-32592) , Apr 19, 2025
New vulnerability
JB News Ticker (CVE-2025-11804) , Nov 11, 2025
My auctions allegro (CVE-2025-10048) , Nov 11, 2025
Sertifier Certificates &amp; Open Badges &#8211; Tutor LMS (CVE-2025-53214) , Nov 11, 2025
Toast Mobile Menu &#8211; PageSpeed Insights Friendly (CVE-2025-53238) , Nov 11, 2025
Stripe Payment forms for WordPress Plugin – WP Full Pay (CVE-2025-9322) , Nov 11, 2025