Vulnerabilities in veronalabs
39 resultsCVE-2024-43331MEDIUMWordPress WP SMS plugin <= 6.9.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-40790MEDIUMWordPress WP SMS plugin <= 7.2.1 - Sensitive Data Exposure vulnerabilityEPSS 0.3%CVE-2026-1238HIGHSlimStat Analytics <= 5.3.5 - Unauthenticated Stored Cross-Site Scripting via 'fh'EPSS 0.3%CVE-2024-25920MEDIUMWordPress WP SMS plugin <= 6.3.4 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2026-3488MEDIUMWP Statistics <= 14.16.4 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure and Privacy Audit ManipulationEPSS 0.3%CVE-2026-28136HIGHWordPress WP SMS plugin <= 6.9.12 - SQL Injection vulnerabilityEPSS 0.3%CVE-2025-62006MEDIUMWordPress WP SMS plugin <= 7.0.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-27410MEDIUMWordPress Slimstat Analytics plugin < 5.4.0 - Deserialization of untrusted data vulnerabilityEPSS 0.3%CVE-2023-6980MEDIUMWP SMS <= 6.5 - Cross-Site Request Forgery to Subscriber DeletionEPSS 0.2%CVE-2025-15057HIGHSlimStat Analytics <= 5.3.3 - Unauthenticated Stored Cross-Site Scripting via 'fh' ParameterEPSS 0.2%CVE-2025-15055HIGHSlimStat Analytics <= 5.3.4 - Unauthenticated Stored Cross-Site Scripting via 'notes/resource' ParametersEPSS 0.2%CVE-2024-30454MEDIUMWordPress WP SMS plugin <= 6.6.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-13431MEDIUMSlimStat Analytics <= 5.3.1 - Authenticated (Subscriber+) SQL Injection via `args` ParameterEPSS 0.2%CVE-2025-3953MEDIUMWP Statistics – The Most Popular Privacy-Friendly Analytics Plugin <= 14.13.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings UpdateEPSS 0.2%CVE-2026-48839HIGHWordPress WP Statistics plugin <= 14.16.6 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2026-54818HIGHWordPress Slimstat Analytics plugin <= 5.4.11 - SQL Injection vulnerabilityEPSS 0.2%CVE-2025-55716MEDIUMWordPress WP Statistics Plugin <= 14.15 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-69323HIGHWordPress Slimstat Analytics plugin <= 5.3.2 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2026-25343MEDIUMWordPress WP SMS plugin <= 7.1 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%