SMS For Woo Security & Risk Analysis
wordpress.org/plugins/sms-for-wooA free SMS notifications plugin for Woocommerce shops, that uses global-voice.com API.
Is SMS For Woo Safe to Use in 2026?
Generally Safe
Score 100/100SMS For Woo has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'sms-for-woo' plugin version 1.2.0 exhibits a generally good security posture with several positive indicators. The complete absence of known CVEs and a history free of reported vulnerabilities suggest a commitment to security or a lack of past exploitation. Furthermore, the code demonstrates strong practices such as 100% of SQL queries using prepared statements and the presence of nonce and capability checks on a significant portion of its entry points. The lack of critical or high severity taint flows is also a positive sign.
However, there are notable areas for concern. The presence of one unprotected AJAX handler represents a significant security risk, as it could be exploited by unauthenticated users. Additionally, the plugin's output escaping is only 56% properly handled, leaving a substantial portion of its output vulnerable to cross-site scripting (XSS) attacks. While the attack surface isn't massive, the unprotected entry point and the low output escaping rate are the primary weaknesses in an otherwise promising security profile.
Key Concerns
- Unprotected AJAX handler
- Low percentage of properly escaped output
SMS For Woo Security Vulnerabilities
SMS For Woo Release Timeline
SMS For Woo Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
SMS For Woo Attack Surface
AJAX Handlers 4
WordPress Hooks 7
Maintenance & Trust
SMS For Woo Maintenance & Trust
Maintenance Signals
Community Trust
SMS For Woo Alternatives
wooSMS Techno71
sms-on-order-place-and-order-status-change
This is an awesome plugin for woocommece shop. This plugin gives your site the ability to send sms on every order placement.
WSMS (formerly WP SMS) – SMS & MMS Notifications with OTP and 2FA for WooCommerce
wp-sms
Send SMS/MMS notifications, OTP & 2FA messages, and WooCommerce updates with support for multiple gateways and plugin integrations.
SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery
sms-alert
Send WooCommerce SMS notifications, OTP verification, abandoned cart recovery alerts, and real-time order updates to customers and admins.
افزونه پیامک حرفه ای فراز اس ام اس
farazsms
شما می توانید با استفاده از افزونه فراز اس ام اس، سایت خود را با ابزاری خودکار برای ارسال پیامک و ذخیره شماره در دفترچه تلفن، تقویت کنید.
NotifSMS – SMS Notifications OTP & 2FA for WordPress & WooCommerce
wp-twilio-core
Send SMS, OTP & 2FA notifications from WordPress via Twilio. Includes automated alerts, bulk messaging, and integrations with popular plugins.
SMS For Woo Developer Profile
1 plugin · 0 total installs
How We Detect SMS For Woo
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/sms-for-woo/sms-for-woo.php/wp-content/plugins/sms-for-woo/includes/sms-for-woo-admin.php/wp-content/plugins/sms-for-woo/includes/sms-for-woo-public.php/wp-content/plugins/sms-for-woo/assets/css/sms-for-woo-styles.css/wp-content/plugins/sms-for-woo/assets/js/sms-for-woo-script.js/wp-content/plugins/sms-for-woo/assets/js/sms-for-woo-script.jssms-for-woo/assets/css/sms-for-woo-styles.css?ver=sms-for-woo/assets/js/sms-for-woo-script.js?ver=HTML / DOM Fingerprints
sms-for-woo-optin-checkbox<!-- SMS For Woo Account Settings --><!-- SMS For Woo General Settings --><!-- SMS For Woo Bulk SMS --><!-- SMS For Woo Test SMS -->name='sms_for_woo_from'name='sms_for_woo_username'name='sms_for_woo_password'name='sms_for_woo_apitoken'name='sms_for_woo_connection_user'name='sms_for_woo_connection_password'+3 moresms_for_woo_ajax_object/wp-json/sms-for-woo/v1/send-sms/wp-json/sms-for-woo/v1/test-sms/wp-json/sms-for-woo/v1/account-data[sms_for_woo_checkout_optin]