SQL Injection Vulnerability | WordPress.org

Resolved techguysa
(@techguysa)

9 months, 1 week ago

WordPress SMS Alert Order Notifications – WooCommerce <= 3.8.2 – SQL Injection Vulnerability
SQL Injection Vulnerability discovered by astra.r3verii in WordPress Plugin SMS Alert Order Notifications – WooCommerce (versions <= 3.8.2)

Getting warnings on your version

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/sms-alert/sms-alert-order-notifications-woocommerce-378-unauthenticated-sql-injection

Viewing 2 replies - 1 through 2 (of 2 total)

Plugin Author Cozy Vision
(@cozyvision1)

9 months, 1 week ago

Thank you for contacting us.

We are aware of the recent security report regarding a potential SQL Injection vulnerability in our plugin (versions <= 3.8.2).

We are currently investigating this report and have already shared the details with our development team for further analysis.
We take such reports seriously and will provide an official update as soon as the investigation is complete.

We appreciate your patience and thank the security community for bringing this to our attention.

Plugin Author Cozy Vision
(@cozyvision1)

9 months, 1 week ago

The issue has been addressed in latest plugin update.

Please update to version 3.8.3

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘SQL Injection Vulnerability’ is closed to new replies.

3 replies
2 participants
Last reply from: Cozy Vision
Last activity: 9 months, 1 week ago
Status: resolved