cleantalk
Vulnerabilities and Security Researches

SMS Alert Order Notifications – WooCommerce, CVE-2025-66086

CVE, Research URL

CVE-2025-66086

Home page URL

Security reports for SMS Alert Order Notifications – WooCommerce

Application

SMS Alert Order Notifications – WooCommerce

Published on
Nov 21, 2025
Research Description
Missing Authorization vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMS Alert Order Notifications: from n/a through <= 3.8.8.
Affected versions
max 3.8.8.
Status
vulnerable
Previous vulnerability researches
Admin SMS Alert (CVE-2024-51637) , Nov 05, 2024
SMS Alert Order Notifications &#8211; WooCommerce (CVE-2024-11725) , Jan 08, 2025
SMS Alert Order Notifications &#8211; WooCommerce (CVE-2026-32373) , Mar 29, 2026
SMS Alert Order Notifications &#8211; WooCommerce (CVE-2025-66086) , Dec 10, 2025
SMS Alert Order Notifications &#8211; WooCommerce (CVE-2025-3878) , May 11, 2025
New vulnerability
WP Booking Calendar (CVE-2026-32358) , Mar 29, 2026
Subscriptions for WooCommerce &#8211; Subscription Plugin for Collecting Recurring Revenue, Sell Membership Subscription Servic (CVE-2026-24372) , Mar 29, 2026
Meta Box &#8211; WordPress Custom Fields Framework (CVE-2025-14675) , Mar 29, 2026
Admin and Site Enhancements (ASE) (CVE-2026-32423) , Mar 29, 2026
Royal Elementor Addons and Templates (CVE-2026-28135) , Mar 29, 2026