[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f3iWykeAF-pSMveH4hE5BwYLe9JI57ZxWMTcRSFQVcMM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":47,"crawl_stats":36,"alternatives":53,"analysis":145,"fingerprints":587},"fraudlabs-pro-sms-verification","FraudLabs Pro SMS Verification","1.11.4","fraudlabspro","https:\u002F\u002Fprofiles.wordpress.org\u002Ffraudlabspro\u002F","\u003Cp>FraudLabs Pro SMS Verification helps merchants to automate the user’s phone number authentication via SMS verification in real-time to prevent payment fraud. You can easily enable this feature at several trigger points such as during \u003Cstrong>checkout\u003C\u002Fstrong> process, \u003Cstrong>account creation\u003C\u002Fstrong> or \u003Cstrong>comment form\u003C\u002Fstrong> or so on. An easy and effective way to remove fraudsters or non-serious clients from exploiting your services.\u003C\u002Fp>\n\u003Ch4>Easy to setup\u003C\u002Fh4>\n\u003Cp>The setup is simple and only takes a few minutes. You just need to install the free FraudLabs Pro SMS Verification plugin, enter the API key and configure the settings.\u003C\u002Fp>\n\u003Ch4>More Information\u003C\u002Fh4>\n\u003Cp>Sign up for a Free license key at \u003Ca href=\"https:\u002F\u002Fwww.fraudlabspro.com\u002Fsign-up\" title=\"https:\u002F\u002Fwww.fraudlabspro.com\u002Fsign-up\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.fraudlabspro.com\u002Fsign-up\u003C\u002Fa>. You will have free 10 SMS credits for you to start using the SMS verification.\u003C\u002Fp>\n\u003Ch4>Support Platforms\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>WooCommerce\u003C\u002Fstrong>\u003Cbr \u002F>\nIt acted as another layer protection for WooCommerce platform. If you are using \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffraudlabs-pro-for-woocommerce\u002F\" rel=\"ugc\">FraudLabs Pro Fraud Prevention\u003C\u002Fa> plugin to reduce and eliminate fraud or chargebacks in WooCommerce, then you can leverage on this plugin to help you to automate the phone number verification. It helps to reduce your hassle to manually contact each of them for authentication.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Easy Digital Downloads\u003C\u002Fstrong>\u003Cbr \u002F>\nIt acted as another layer protection for Easy Digital Downloads platform. If you are using \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffraudlabs-pro-for-easy-digital-downloads\u002F\" rel=\"ugc\">FraudLabs Pro Fraud Prevention\u003C\u002Fa> plugin to reduce and eliminate fraud or chargebacks in Easy Digital Downloads, then you can leverage on this plugin to help you to automate the phone number verification. It helps to reduce your hassle to manually contact each of them for authentication.\u003C\u002Fp>\n\u003Ch4>Supported Forms\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WooCommerce checkout form\u003C\u002Fli>\n\u003Cli>WooCommerce registration form\u003C\u002Fli>\n\u003Cli>WooCommerce login form\u003C\u002Fli>\n\u003Cli>WordPress default registration form\u003C\u002Fli>\n\u003Cli>WordPress default login form\u003C\u002Fli>\n\u003Cli>Contact Form 7\u003C\u002Fli>\n\u003C\u002Ful>\n","Description: SMS verification help merchants to authenticate the client's phone number via SMS verification to prevent fraudulent orders.",10,12400,60,2,"2026-03-04T02:31:00.000Z","6.9.4","4.6","",[20,7,21,22,23],"contact-form-7","sms","sms-verification","woocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffraudlabs-pro-sms-verification.1.11.4.zip",99,1,0,"2024-11-01 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":38,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":28,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2024-51688","fraudlabs-pro-sms-verification-cross-site-request-forgery-to-stored-cross-site-scripting","FraudLabs Pro SMS Verification \u003C= 1.10.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting","The FraudLabs Pro SMS Verification plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.10.1. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=1.10.1","1.10.2","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2024-11-06 13:47:57",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F304b0b69-90bc-416e-9d76-82b176a9de34?source=api-prod",6,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":48,"total_installs":49,"avg_security_score":25,"avg_patch_time_days":50,"trust_score":51,"computed_at":52},3,1010,11,93,"2026-04-04T14:30:45.801Z",[54,76,98,117,132],{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":16,"requires_at_least":67,"requires_php":68,"tags":69,"homepage":72,"download_link":73,"security_score":74,"vuln_count":48,"unpatched_count":27,"last_vuln_date":75,"fetched_at":29},"textme-sms-integration","TextMe SMS","2.0.3","Matat Technologies","https:\u002F\u002Fprofiles.wordpress.org\u002Famitrotem\u002F","\u003Cp>TextMe SMS Integration allows you to send SMS messages from your WordPress site using the TextMe SMS gateway service.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Send SMS notifications for WooCommerce orders\u003C\u002Fli>\n\u003Cli>Contact Form 7 integration\u003C\u002Fli>\n\u003Cli>Elementor Forms integration\u003C\u002Fli>\n\u003Cli>User registration SMS notifications\u003C\u002Fli>\n\u003Cli>Admin OTP\u002F2FA for secure logins\u003C\u002Fli>\n\u003Cli>Phone number login shortcodes\u003C\u002Fli>\n\u003Cli>Out of stock notifications\u003C\u002Fli>\n\u003Cli>Balance monitoring with email alerts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>WooCommerce Integration:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>New order notifications (customer and admin)\u003C\u002Fli>\n\u003Cli>Order complete notifications\u003C\u002Fli>\n\u003Cli>Order cancelled notifications\u003C\u002Fli>\n\u003Cli>Pending payment reminders\u003C\u002Fli>\n\u003Cli>Custom order status notifications\u003C\u002Fli>\n\u003Cli>Customer notes via SMS\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Login Security:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Two-factor authentication via SMS OTP\u003C\u002Fli>\n\u003Cli>Phone number login support\u003C\u002Fli>\n\u003Cli>International phone number support\u003C\u002Fli>\n\u003C\u002Ful>\n","Send custom SMS messages from your WordPress site to your customers using the TextMe SMS gateway.",600,16869,80,4,"2026-03-12T06:07:00.000Z","5.2","7.4",[20,70,21,71,23],"notifications","text-message","https:\u002F\u002Ftextme.co.il","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftextme-sms-integration.2.0.3.zip",97,"2025-04-03 00:00:00",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":26,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":18,"tags":90,"homepage":95,"download_link":96,"security_score":97,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"esms-gui-tin-nhan-sms","eSMS","1.0.2","Le Van Toan","https:\u002F\u002Fprofiles.wordpress.org\u002Flevantoan\u002F","\u003Cp>Plugin này dành riêng cho khách hàng sử dụng dịch vụ của eSMS, giúp quý khách gửi tin nhắn vào số điện thoại của khách hàng khi sử dụng Contact Form 7, NinjaForms hoặc Woocommerce.\u003C\u002Fp>\n\u003Ch4>Include\u003C\u002Fh4>\n\u003Cp>This plugin includes API of eSMS service and has the following functions:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fesms.vn\u002FSMSApi\u002FApiGetBalance\" rel=\"nofollow ugc\">API Get Balance\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fesms.vn\u002FSMSApi\u002FApiSendSMSBrandname\" rel=\"nofollow ugc\">API Send SMS\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>And more infor here \u003Ca href=\"https:\u002F\u002Fesms.vn\u002Fsms-api\" rel=\"nofollow ugc\">eSMS API DOCS\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>So this plugin use your ApiKey and your SecretKey on eSMS to get balance and send sms.\u003C\u002Fp>\n","eSMS - là plugin dành riêng cho khách hàng sử dụng dịch vụ của eSMS, giúp quý khách gửi tin nhắn vào số điện thoại của khách hàng khi sử dụng Contact  &hellip;",50,3372,100,"2022-06-22T16:42:00.000Z","6.0.11","3.0",[91,21,92,93,94],"esms","sms-for-contact-form-7","sms-for-ninjaform","woocommerce-sms","https:\u002F\u002Fesms.vn\u002Fhuong-dan-tich-hop\u002Fhuong-dan-tich-hop-esms-vao-wordpress-khong-can-viet-code","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fesms-gui-tin-nhan-sms.1.0.2.zip",85,{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":11,"downloaded":106,"rating":27,"num_ratings":27,"last_updated":18,"tested_up_to":107,"requires_at_least":108,"requires_php":18,"tags":109,"homepage":114,"download_link":115,"security_score":86,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":116},"cf7-otp-sms-verification","Contact Form 7 OTP SMS Verification","1.0.1","WIT Solution","https:\u002F\u002Fprofiles.wordpress.org\u002Fwitsolution1\u002F","\u003Cp>\u003Cstrong>SMS API: Buy Sms On \u003Ca href=\"https:\u002F\u002Fwww.allbulksms.in\" rel=\"nofollow ugc\">All Bulk SMS\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>IMPORTANT: \u003Cem>Abl OTP SMS Verification\u003C\u002Fem> require wordpress 3.8 or higher.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>OTP Varification in Contact Form 7.\u003C\u002Fli>\n\u003Cli>Support SMS gateways:\n\u003Cul>\n\u003Cli>All Bulk SMS\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Origin\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Abl OTP SMS Verification\u003C\u002Fstrong> it has been programmed from the \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fwitsolution\" rel=\"nofollow ugc\">Witsolution Team\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Our Services\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.allbulksms.in\u002FBulk-SMS-ahmedabad.html\" rel=\"nofollow ugc\">Bulk SMS Service Provider in Ahmedabad\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.allbulksms.in\u002FPromotional-SMS-Service.html\" rel=\"nofollow ugc\">Promotional Bulk Sms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.allbulksms.in\u002FTransactional-SMS-Service.html\" rel=\"nofollow ugc\">Transactional Bulk Sms\u003C\u002Fa> \u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.witsolution.in\u002Fseo-company-ahmedabad.html\" rel=\"nofollow ugc\">SEO Company In Ahmedabad\u003C\u002Fa> \u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.witsolution.in\u002Fwordpress-website-development.html\" rel=\"nofollow ugc\">WordPress Website Development\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Thanks\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>To all that use it.\u003C\u002Fli>\n\u003Cli>All that you help to improve it.\u003C\u002Fli>\n\u003Cli>All you made donations.\u003C\u002Fli>\n\u003Cli>All that you encourage us with your comments.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Thank you very much to all!\u003C\u002Fp>\n","SMS API: Buy Sms On All Bulk SMS",2053,"5.2.24","3.8",[110,111,112,113],"abl-otp-sms-verification","contact-form-7-mobile-verification","contact-form-7-otp","otp-varification-in-contact-form-7","http:\u002F\u002FAllbulksms.in","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcf7-otp-sms-verification.zip","2026-03-15T10:48:56.248Z",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":27,"downloaded":125,"rating":27,"num_ratings":27,"last_updated":126,"tested_up_to":16,"requires_at_least":127,"requires_php":68,"tags":128,"homepage":130,"download_link":131,"security_score":86,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"g-online-sms","G Online SMS","2.0.0","G Online Sites","https:\u002F\u002Fprofiles.wordpress.org\u002Fgonlinesites\u002F","\u003Cp>\u003Cstrong>G Online SMS\u003C\u002Fstrong> connects your WordPress site to the \u003Ca href=\"https:\u002F\u002Fsms.gonlinesites.com\u002Fapp\" rel=\"nofollow ugc\">G Online SMS gateway\u003C\u002Fa> so you can send SMS messages automatically based on events in WordPress, or manually to any phone number.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Send single or bulk SMS\u003C\u002Fstrong> directly from the WordPress admin.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk SMS by user role\u003C\u002Fstrong> — target all subscribers, customers, or any custom role.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User lifecycle notifications:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Notify admin when a new user registers.\u003C\u002Fli>\n\u003Cli>Send a welcome SMS to every new user.\u003C\u002Fli>\n\u003Cli>Send a farewell SMS when an account is deleted.\u003C\u002Fli>\n\u003Cli>Optional login-alert SMS to admin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce integration:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Customise SMS messages per order status (pending, processing, completed, refunded, etc.).\u003C\u002Fli>\n\u003Cli>Notify admin when a new order is placed.\u003C\u002Fli>\n\u003Cli>Supports rich order placeholders: \u003Ccode>{order_id}\u003C\u002Fcode>, \u003Ccode>{order_total}\u003C\u002Fcode>, \u003Ccode>{customer_name}\u003C\u002Fcode>, \u003Ccode>{order_items}\u003C\u002Fcode>, and many more.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Contact Form 7 integration:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Send an SMS to admin (or the submitter) when any CF7 form is submitted.\u003C\u002Fli>\n\u003Cli>Per-form overrides via the Additional Settings tab.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Gravity Forms integration:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Send an SMS when a Gravity Forms entry is submitted.\u003C\u002Fli>\n\u003Cli>Use \u003Ccode>{field_id:N}\u003C\u002Fcode> or \u003Ccode>{Field Label}\u003C\u002Fcode> placeholders.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SMS Log\u003C\u002Fstrong> — every sent and failed message is recorded with status, recipient and trigger source.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Test SMS button\u003C\u002Fstrong> — verify your API key right from the settings page.\u003C\u002Fli>\n\u003Cli>Fully translatable (\u003Ccode>.pot\u003C\u002Fcode> file included).\u003C\u002Fli>\n\u003Cli>No Bootstrap or external CSS loaded site-wide — lightweight admin-only assets.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Supported Placeholders (WooCommerce)\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>{order_id} `{order_number}` `{order_total}` `{order_status}` `{order_date}` `{customer_name}` `{customer_first_name}` `{customer_last_name}` `{customer_email}` `{customer_phone}` `{billing_address}` `{shipping_address}` `{payment_method}` `{shipping_method}` `{order_items}` `{subtotal}` `{tax_amount}` `{currency}` `{coupon_code}` `{site_name}` `{site_url}`\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Supported Placeholders (User notifications)\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>{first_name} `{last_name}` `{display_name}` `{user_email}` `{user_login}` `{site_name}` `{site_url}`\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the \u003Cstrong>G Online SMS gateway\u003C\u002Fstrong> to send SMS messages and check account balance. This is a third-party service operated by G Online Sites.\u003C\u002Fp>\n\u003Ch4>What data is sent and when\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>When sending an SMS\u003C\u002Fstrong> — the recipient’s phone number, the message text, your Sender ID, and your API key are transmitted to the gateway. This happens every time an SMS is triggered (user registration, WooCommerce order status change, form submission, manual send, etc.).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When checking balance\u003C\u002Fstrong> — only your API key is sent. This happens each time the plugin dashboard page is loaded.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>No data is sent without your action\u003C\u002Fh4>\n\u003Cp>No data is ever transmitted unless you have entered a valid API key in the plugin settings. The plugin makes no external calls on the front end of your website.\u003C\u002Fp>\n\u003Ch4>Service provider details\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service:\u003C\u002Fstrong> G Online SMS — bulk SMS messaging gateway for Ghana and beyond.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Provider:\u003C\u002Fstrong> G Online Sites\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Gateway URL:\u003C\u002Fstrong> https:\u002F\u002Fsms.gonlinesites.com\u002Fapp\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service:\u003C\u002Fstrong> https:\u002F\u002Fsms.gonlinesites.com\u002Fapp\u002Fterms\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy:\u003C\u002Fstrong> https:\u002F\u002Fsms.gonlinesites.com\u002Fapp\u002Fprivacy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>By using this plugin you agree to the terms of service and privacy policy of the G Online SMS gateway listed above.\u003C\u002Fp>\n","Send automated SMS notifications from WordPress — user registration, WooCommerce orders, Contact Form 7, Gravity Forms and more.",105,"2026-03-13T19:17:00.000Z","6.2",[129,20,70,21,23],"bulk-sms","https:\u002F\u002Fsms.gonlinesites.com\u002Fapp","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fg-online-sms.2.0.0.zip",{"slug":133,"name":134,"version":135,"author":136,"author_profile":137,"description":138,"short_description":139,"active_installs":27,"downloaded":140,"rating":27,"num_ratings":27,"last_updated":18,"tested_up_to":16,"requires_at_least":141,"requires_php":18,"tags":142,"homepage":18,"download_link":144,"security_score":86,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":116},"sendit-israel","Sendit Israel","1.0.0","UP System","https:\u002F\u002Fprofiles.wordpress.org\u002Fupsystem\u002F","\u003Cp>Sendit Israel provides an easy way to send SMS notifications from WordPress and WooCommerce.\u003Cbr \u002F>\nThe plugin sends SMS updates for WooCommerce order status changes and allows sending SMS through Contact Form 7 submissions using your Sendit API token.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>SMS notifications for WooCommerce order status changes\u003C\u002Fli>\n\u003Cli>Contact Form 7 SMS integration\u003C\u002Fli>\n\u003Cli>Uses your Sendit API token and sender name\u003C\u002Fli>\n\u003Cli>Simple and lightweight\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the Sendit SMS platform (Sendit Israel) in order to send SMS messages and track related events.\u003C\u002Fp>\n\u003Cp>When you use this plugin, the following data may be sent to the Sendit API (https:\u002F\u002Fsendit.co.il):\u003Cbr \u002F>\n– Your Sendit API token (for authenticating the requests).\u003Cbr \u002F>\n– Recipient phone number(s).\u003Cbr \u002F>\n– SMS message content and sender name.\u003Cbr \u002F>\n– Technical event data (such as delivery status, message ID, and related metadata) when events are reported back to WordPress.\u003C\u002Fp>\n\u003Cp>This data is required in order to:\u003Cbr \u002F>\n– Send SMS messages from your WordPress site using your Sendit account.\u003Cbr \u002F>\n– Record and update message-related events (such as delivery events) in your WordPress installation.\u003C\u002Fp>\n\u003Cp>The external service used by this plugin is:\u003Cbr \u002F>\n– Sendit SMS Platform (Sendit Israel) – a third-party service that requires an active Sendit account in order to use this plugin.\u003C\u002Fp>\n\u003Cp>For more information about how data is handled, please review Sendit’s Privacy Policy:\u003Cbr \u002F>\nhttps:\u002F\u002Fsendit.co.il\u002Fprivacy-policy\u003C\u002Fp>\n","Sendit Israel provides a simple SMS integration for WordPress and WooCommerce. Supports order status SMS notifications and Contact Form 7 submissions.",112,"5.0",[20,143,70,21,23],"israel","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsendit-israel.1.0.0.zip",{"attackSurface":146,"codeSignals":266,"taintFlows":442,"riskAssessment":573,"analyzedAt":586},{"hooks":147,"ajaxHandlers":221,"restRoutes":252,"shortcodes":253,"cronEvents":264,"entryPointCount":265,"unprotectedCount":11},[148,154,158,162,166,170,174,177,181,185,189,192,195,199,202,204,207,212,215,217],{"type":149,"name":150,"callback":151,"file":152,"line":153},"action","plugins_loaded","init","fraudlabspro-sms-verification.php",36,{"type":149,"name":155,"callback":156,"file":152,"line":157},"admin_menu","admin_page",37,{"type":149,"name":159,"callback":160,"file":152,"line":161},"register_form","wp_default_register_form",38,{"type":149,"name":163,"callback":164,"file":152,"line":165},"login_form","wp_default_login_form",39,{"type":149,"name":167,"callback":168,"file":152,"line":169},"wp_loaded","callback_external",42,{"type":149,"name":171,"callback":172,"file":152,"line":173},"admin_enqueue_scripts","plugin_enqueues",43,{"type":149,"name":175,"callback":175,"file":152,"line":176},"admin_footer_text",45,{"type":149,"name":178,"callback":179,"file":152,"line":180},"edd_complete_purchase","edd_sms_verification_email",58,{"type":149,"name":182,"callback":183,"file":152,"line":184},"wp_enqueue_script","load_jquery",102,{"type":149,"name":186,"callback":187,"priority":48,"file":188,"line":157},"manage_shop_order_posts_custom_column","render_column","includes\\class-wc-fraudlabspro-sms-verification.php",{"type":149,"name":190,"callback":191,"file":188,"line":161},"woocommerce_checkout_after_terms_and_conditions","woocommerce_checkout_form",{"type":149,"name":193,"callback":194,"file":188,"line":165},"woocommerce_checkout_process","woocommerce_checkout_process_sms",{"type":149,"name":196,"callback":197,"priority":11,"file":188,"line":198},"woocommerce_store_api_checkout_order_processed","store_woocommerce_checkout_process_sms",40,{"type":149,"name":200,"callback":200,"file":188,"line":201},"woocommerce_login_form",41,{"type":149,"name":203,"callback":203,"file":188,"line":169},"woocommerce_register_form",{"type":149,"name":205,"callback":206,"file":188,"line":173},"woocommerce_thankyou","woocommerce_thankyou_email",{"type":208,"name":209,"callback":210,"priority":50,"file":188,"line":211},"filter","manage_shop_order_posts_columns","add_column",44,{"type":208,"name":213,"callback":214,"priority":11,"file":188,"line":176},"render_block","store_woocommerce_checkout_form",{"type":149,"name":171,"callback":172,"file":188,"line":216},47,{"type":149,"name":218,"callback":219,"file":188,"line":220},"admin_notices","admin_notifications",48,[222,225,227,231,233,235,237,241,243,246,249,250,251],{"action":223,"nopriv":224,"callback":223,"hasNonce":224,"hasCapCheck":224,"file":152,"line":198},"wp_sms_action_send",false,{"action":226,"nopriv":224,"callback":226,"hasNonce":224,"hasCapCheck":224,"file":152,"line":201},"wp_sms_action_verify",{"action":228,"nopriv":224,"callback":229,"hasNonce":230,"hasCapCheck":224,"file":152,"line":211},"fraudlabspro_sms_verification_submit_feedback","submit_feedback",true,{"action":223,"nopriv":224,"callback":223,"hasNonce":224,"hasCapCheck":224,"file":152,"line":232},62,{"action":226,"nopriv":224,"callback":226,"hasNonce":224,"hasCapCheck":224,"file":152,"line":234},66,{"action":228,"nopriv":224,"callback":229,"hasNonce":230,"hasCapCheck":224,"file":152,"line":236},70,{"action":238,"nopriv":224,"callback":239,"hasNonce":230,"hasCapCheck":224,"file":188,"line":240},"fraudlabspro_sms_verification_wc_admin_notice","plugin_dismiss_admin_notice",49,{"action":242,"nopriv":224,"callback":242,"hasNonce":224,"hasCapCheck":224,"file":188,"line":84},"wc_sms_action_send",{"action":244,"nopriv":224,"callback":244,"hasNonce":224,"hasCapCheck":224,"file":188,"line":245},"wc_sms_action_verify",51,{"action":247,"nopriv":224,"callback":247,"hasNonce":224,"hasCapCheck":224,"file":188,"line":248},"wc_sms_action_verified",52,{"action":242,"nopriv":224,"callback":242,"hasNonce":224,"hasCapCheck":224,"file":188,"line":180},{"action":244,"nopriv":224,"callback":244,"hasNonce":224,"hasCapCheck":224,"file":188,"line":232},{"action":247,"nopriv":224,"callback":247,"hasNonce":224,"hasCapCheck":224,"file":188,"line":234},[],[254,257,260],{"tag":255,"callback":256,"file":152,"line":216},"flp_sms_verification","flp_sms_form",{"tag":258,"callback":259,"file":152,"line":240},"flp-sms-verification-edd","flp_sms_form_edd",{"tag":261,"callback":262,"file":188,"line":263},"flp-sms-verification-wc","flp_sms_form_wc",55,[],16,{"dangerousFunctions":267,"sqlUsage":268,"outputEscaping":271,"fileOperations":65,"externalRequests":65,"nonceChecks":14,"capabilityChecks":14,"bundledLibraries":441},[],{"prepared":269,"raw":27,"locations":270},8,[],{"escaped":272,"rawEcho":273,"locations":274},71,90,[275,278,280,282,284,286,288,290,292,294,296,298,300,302,304,306,308,310,312,313,315,316,318,319,321,323,325,327,329,331,333,335,337,339,341,342,344,345,347,348,350,352,354,356,358,360,362,364,366,368,370,371,373,374,376,377,378,380,382,384,386,388,390,392,394,396,398,399,401,402,404,405,407,409,411,413,415,417,419,421,423,425,427,428,430,431,433,434,436,438],{"file":152,"line":276,"context":277},127,"raw output",{"file":152,"line":279,"context":277},262,{"file":152,"line":281,"context":277},360,{"file":152,"line":283,"context":277},417,{"file":152,"line":285,"context":277},480,{"file":152,"line":287,"context":277},535,{"file":152,"line":289,"context":277},656,{"file":152,"line":291,"context":277},732,{"file":152,"line":293,"context":277},1093,{"file":152,"line":295,"context":277},1097,{"file":152,"line":297,"context":277},1107,{"file":152,"line":299,"context":277},1108,{"file":152,"line":301,"context":277},1110,{"file":152,"line":303,"context":277},1115,{"file":152,"line":305,"context":277},1117,{"file":152,"line":307,"context":277},1126,{"file":152,"line":309,"context":277},1203,{"file":152,"line":311,"context":277},1237,{"file":152,"line":311,"context":277},{"file":152,"line":314,"context":277},1255,{"file":152,"line":314,"context":277},{"file":152,"line":317,"context":277},1269,{"file":152,"line":317,"context":277},{"file":152,"line":320,"context":277},1274,{"file":152,"line":322,"context":277},1377,{"file":152,"line":324,"context":277},1381,{"file":152,"line":326,"context":277},1391,{"file":152,"line":328,"context":277},1392,{"file":152,"line":330,"context":277},1394,{"file":152,"line":332,"context":277},1399,{"file":152,"line":334,"context":277},1401,{"file":152,"line":336,"context":277},1410,{"file":152,"line":338,"context":277},1487,{"file":152,"line":340,"context":277},1521,{"file":152,"line":340,"context":277},{"file":152,"line":343,"context":277},1539,{"file":152,"line":343,"context":277},{"file":152,"line":346,"context":277},1553,{"file":152,"line":346,"context":277},{"file":152,"line":349,"context":277},1558,{"file":188,"line":351,"context":277},1007,{"file":188,"line":353,"context":277},1011,{"file":188,"line":355,"context":277},1021,{"file":188,"line":357,"context":277},1022,{"file":188,"line":359,"context":277},1025,{"file":188,"line":361,"context":277},1030,{"file":188,"line":363,"context":277},1032,{"file":188,"line":365,"context":277},1041,{"file":188,"line":367,"context":277},1142,{"file":188,"line":369,"context":277},1167,{"file":188,"line":369,"context":277},{"file":188,"line":372,"context":277},1184,{"file":188,"line":372,"context":277},{"file":188,"line":375,"context":277},1198,{"file":188,"line":375,"context":277},{"file":188,"line":309,"context":277},{"file":188,"line":379,"context":277},1307,{"file":188,"line":381,"context":277},1311,{"file":188,"line":383,"context":277},1321,{"file":188,"line":385,"context":277},1322,{"file":188,"line":387,"context":277},1325,{"file":188,"line":389,"context":277},1330,{"file":188,"line":391,"context":277},1332,{"file":188,"line":393,"context":277},1341,{"file":188,"line":395,"context":277},1422,{"file":188,"line":397,"context":277},1457,{"file":188,"line":397,"context":277},{"file":188,"line":400,"context":277},1475,{"file":188,"line":400,"context":277},{"file":188,"line":403,"context":277},1489,{"file":188,"line":403,"context":277},{"file":188,"line":406,"context":277},1494,{"file":188,"line":408,"context":277},1597,{"file":188,"line":410,"context":277},1601,{"file":188,"line":412,"context":277},1611,{"file":188,"line":414,"context":277},1612,{"file":188,"line":416,"context":277},1615,{"file":188,"line":418,"context":277},1620,{"file":188,"line":420,"context":277},1622,{"file":188,"line":422,"context":277},1631,{"file":188,"line":424,"context":277},1712,{"file":188,"line":426,"context":277},1747,{"file":188,"line":426,"context":277},{"file":188,"line":429,"context":277},1765,{"file":188,"line":429,"context":277},{"file":188,"line":432,"context":277},1779,{"file":188,"line":432,"context":277},{"file":188,"line":435,"context":277},1784,{"file":188,"line":437,"context":277},1858,{"file":439,"line":440,"context":277},"includes\\flp-verify.php",182,[],[443,459,468,486,512,521,530,539,550,564],{"entryPoint":444,"graph":445,"unsanitizedCount":26,"severity":39},"wp_default_register_form (fraudlabspro-sms-verification.php:1042)",{"nodes":446,"edges":457},[447,452],{"id":448,"type":449,"label":450,"file":152,"line":451},"n0","source","$_POST",1059,{"id":453,"type":454,"label":455,"file":152,"line":299,"wp_function":456},"n1","sink","echo() [XSS]","echo",[458],{"from":448,"to":453,"sanitized":224},{"entryPoint":460,"graph":461,"unsanitizedCount":26,"severity":39},"wp_default_login_form (fraudlabspro-sms-verification.php:1326)",{"nodes":462,"edges":466},[463,465],{"id":448,"type":449,"label":450,"file":152,"line":464},1343,{"id":453,"type":454,"label":455,"file":152,"line":328,"wp_function":456},[467],{"from":448,"to":453,"sanitized":224},{"entryPoint":469,"graph":470,"unsanitizedCount":26,"severity":39},"wp_sms_action_send (fraudlabspro-sms-verification.php:1997)",{"nodes":471,"edges":483},[472,475,478],{"id":448,"type":449,"label":473,"file":152,"line":474},"$_POST['tel']",2044,{"id":453,"type":476,"label":477,"file":152,"line":474},"transform","→ write_debug_log()",{"id":479,"type":454,"label":480,"file":188,"line":481,"wp_function":482},"n2","file_put_contents() [File Write]",1890,"file_put_contents",[484,485],{"from":448,"to":453,"sanitized":224},{"from":453,"to":479,"sanitized":224},{"entryPoint":487,"graph":488,"unsanitizedCount":26,"severity":39},"\u003Cfraudlabspro-sms-verification> (fraudlabspro-sms-verification.php:0)",{"nodes":489,"edges":507},[490,493,497,499,501,503,505],{"id":448,"type":449,"label":491,"file":152,"line":492},"$_POST (x28)",114,{"id":453,"type":454,"label":494,"file":152,"line":495,"wp_function":496},"update_option() [Settings Manipulation]",118,"update_option",{"id":479,"type":449,"label":498,"file":152,"line":451},"$_POST (x20)",{"id":500,"type":454,"label":455,"file":152,"line":299,"wp_function":456},"n3",{"id":502,"type":449,"label":473,"file":152,"line":474},"n4",{"id":504,"type":476,"label":477,"file":152,"line":474},"n5",{"id":506,"type":454,"label":480,"file":188,"line":481,"wp_function":482},"n6",[508,509,510,511],{"from":448,"to":453,"sanitized":230},{"from":479,"to":500,"sanitized":230},{"from":502,"to":504,"sanitized":224},{"from":504,"to":506,"sanitized":224},{"entryPoint":513,"graph":514,"unsanitizedCount":26,"severity":39},"woocommerce_checkout_form (includes\\class-wc-fraudlabspro-sms-verification.php:955)",{"nodes":515,"edges":519},[516,518],{"id":448,"type":449,"label":450,"file":188,"line":517},973,{"id":453,"type":454,"label":455,"file":188,"line":357,"wp_function":456},[520],{"from":448,"to":453,"sanitized":224},{"entryPoint":522,"graph":523,"unsanitizedCount":26,"severity":39},"woocommerce_login_form (includes\\class-wc-fraudlabspro-sms-verification.php:1255)",{"nodes":524,"edges":528},[525,527],{"id":448,"type":449,"label":450,"file":188,"line":526},1273,{"id":453,"type":454,"label":455,"file":188,"line":385,"wp_function":456},[529],{"from":448,"to":453,"sanitized":224},{"entryPoint":531,"graph":532,"unsanitizedCount":26,"severity":39},"woocommerce_register_form (includes\\class-wc-fraudlabspro-sms-verification.php:1545)",{"nodes":533,"edges":537},[534,536],{"id":448,"type":449,"label":450,"file":188,"line":535},1563,{"id":453,"type":454,"label":455,"file":188,"line":414,"wp_function":456},[538],{"from":448,"to":453,"sanitized":224},{"entryPoint":540,"graph":541,"unsanitizedCount":26,"severity":39},"wc_sms_action_send (includes\\class-wc-fraudlabspro-sms-verification.php:1897)",{"nodes":542,"edges":547},[543,545,546],{"id":448,"type":449,"label":473,"file":188,"line":544},1944,{"id":453,"type":476,"label":477,"file":188,"line":544},{"id":479,"type":454,"label":480,"file":188,"line":481,"wp_function":482},[548,549],{"from":448,"to":453,"sanitized":224},{"from":453,"to":479,"sanitized":224},{"entryPoint":551,"graph":552,"unsanitizedCount":26,"severity":39},"\u003Cclass-wc-fraudlabspro-sms-verification> (includes\\class-wc-fraudlabspro-sms-verification.php:0)",{"nodes":553,"edges":560},[554,556,557,558,559],{"id":448,"type":449,"label":555,"file":188,"line":517},"$_POST (x3)",{"id":453,"type":454,"label":455,"file":188,"line":357,"wp_function":456},{"id":479,"type":449,"label":473,"file":188,"line":544},{"id":500,"type":476,"label":477,"file":188,"line":544},{"id":502,"type":454,"label":480,"file":188,"line":481,"wp_function":482},[561,562,563],{"from":448,"to":453,"sanitized":230},{"from":479,"to":500,"sanitized":224},{"from":500,"to":502,"sanitized":224},{"entryPoint":565,"graph":566,"unsanitizedCount":27,"severity":572},"admin_options (fraudlabspro-sms-verification.php:96)",{"nodes":567,"edges":570},[568,569],{"id":448,"type":449,"label":491,"file":152,"line":492},{"id":453,"type":454,"label":494,"file":152,"line":495,"wp_function":496},[571],{"from":448,"to":453,"sanitized":230},"low",{"summary":574,"deductions":575},"The \"fraudlabs-pro-sms-verification\" plugin version 1.11.4 exhibits a mixed security posture. While it demonstrates good practices by exclusively using prepared statements for SQL queries and has no known critical or high-severity vulnerabilities, several concerning patterns emerge from the static analysis. A significant portion of the plugin's attack surface, specifically 10 out of 13 AJAX handlers, lacks authentication checks. This is further compounded by the presence of 9 flows with unsanitized paths, indicating a potential for injection vulnerabilities if these paths are user-controllable. Although no critical or high-severity taint flows were detected, the high number of unsanitized paths is a notable concern. The plugin's vulnerability history shows a past medium-severity CSRF vulnerability, suggesting a need for continued vigilance regarding input validation and access control, especially given the unprotected AJAX endpoints. Overall, the plugin benefits from secure database interaction but requires immediate attention to its exposed AJAX endpoints and the identified unsanitized code paths to mitigate potential security risks.",[576,578,581,584],{"reason":577,"points":269},"Unprotected AJAX handlers",{"reason":579,"points":580},"Flows with unsanitized paths",7,{"reason":582,"points":583},"Low output escaping percentage",5,{"reason":585,"points":11},"Medium severity vulnerability history","2026-03-16T23:46:14.459Z",{"wat":588,"direct":601},{"assetPaths":589,"generatorPatterns":594,"scriptPaths":595,"versionParams":596},[590,591,592,593],"\u002Fwp-content\u002Fplugins\u002Ffraudlabs-pro-sms-verification\u002Fassets\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Ffraudlabs-pro-sms-verification\u002Fassets\u002Fjs\u002Fscript.js","\u002Fwp-content\u002Fplugins\u002Ffraudlabs-pro-sms-verification\u002Fassets\u002Fjs\u002Ffrontend.js","\u002Fwp-content\u002Fplugins\u002Ffraudlabs-pro-sms-verification\u002Fassets\u002Fjs\u002Fadmin.js",[],[591,592,593],[597,598,599,600],"fraudlabs-pro-sms-verification\u002Fassets\u002Fcss\u002Fstyle.css?ver=","fraudlabs-pro-sms-verification\u002Fassets\u002Fjs\u002Fscript.js?ver=","fraudlabs-pro-sms-verification\u002Fassets\u002Fjs\u002Ffrontend.js?ver=","fraudlabs-pro-sms-verification\u002Fassets\u002Fjs\u002Fadmin.js?ver=",{"cssClasses":602,"htmlComments":606,"htmlAttributes":610,"restEndpoints":613,"jsGlobals":616,"shortcodeOutput":618},[603,604,605],"fraudlabs-pro-sms-verification-wrapper","fraudlabs-pro-sms-verification-button","fraudlabs-pro-sms-verification-form",[607,608,609],"\u003C!-- SMS Verification Form Start -->","\u003C!-- SMS Verification Form End -->","\u003C!-- FraudLabs Pro SMS Verification Admin Footer Text -->",[611,612],"data-flp-sms-verification-api-key","data-flp-sms-verification-nonce",[614,615],"\u002Fwp-json\u002Ffraudlabs-pro-sms-verification\u002Fv1\u002Fsend_otp","\u002Fwp-json\u002Ffraudlabs-pro-sms-verification\u002Fv1\u002Fverify_otp",[617],"fraudlabs_pro_sms_verification_params",[619,620],"[flp_sms_verification]","[flp-sms-verification-edd]"]