Does Transmit SMS Share have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Transmit SMS Share compatible with WordPress 3.9.40?

According to WordPress.org data, Transmit SMS Share 1.8 has been tested up to WordPress 3.9.40. Check the plugin's changelog for the latest compatibility information.

How often is Transmit SMS Share updated?

Transmit SMS Share was last updated on Jan 5, 2016. Frequent updates are generally a positive security signal.

What is Transmit SMS Share's security score?

Transmit SMS Share has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Transmit SMS Share Security & Risk Analysis

wordpress.org/plugins/transmit-sms-share

Share pages, posts and links via SMS using Transmit SMS API

10 active installs v1.8 PHP + WP 3.3+ Updated Jan 5, 2016

notificationsshare-contentshare-delivery-notificationssmstext-message-notifications

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Transmit SMS Share Safe to Use in 2026?

Generally Safe

Score 85/100

Transmit SMS Share has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The transmit-sms-share plugin v1.8 exhibits a mixed security posture. On the positive side, it demonstrates good practices by not having any known CVEs, indicating a generally stable history and responsible maintenance. Furthermore, all SQL queries are properly prepared, and the absence of bundled libraries is also a good sign. However, the static analysis reveals significant concerns. The presence of 8 dangerous functions, specifically 'unserialize', is a major red flag, especially when combined with 3 taint flows with unsanitized paths. This combination strongly suggests a high risk of remote code execution or data manipulation vulnerabilities. The fact that 0% of outputs are properly escaped is also a substantial weakness, opening the door to cross-site scripting (XSS) vulnerabilities. While the attack surface appears small (0 entry points), the underlying code quality issues present a significant risk. The plugin's lack of vulnerability history, while positive, could also be due to a lack of deep security auditing rather than inherent security.

Key Concerns

Dangerous functions (unserialize) found
Taint flows with unsanitized paths
Output escaping is not properly implemented
File operations detected
External HTTP requests detected
No nonce checks implemented
Capability checks used minimally

Vulnerabilities

None known

Transmit SMS Share Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Transmit SMS Share Release Timeline

v1.7

v1.5

v1.4

v1.3

v1.2

v1.1

Code Analysis

Analyzed Mar 17, 2026

Transmit SMS Share Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$TSCOption = unserialize(@get_option(TSCWpOption));admin\admin-controller.php:33

unserialize$TSCOption = unserialize(@get_option(TSCWpOption));admin\admin-controller.php:69

unserialize$TSCOption = unserialize(@get_option(TSCWpOption));admin\admin-controller.php:83

unserialize$TSCOption = unserialize(@get_option(TSCWpOption));admin\admin-controller.php:90

unserialize$TSCSms = unserialize(stripslashes(get_option(TSCWpOptionApi)));admin\admin-functions.php:38

unserialize$TSCOption = unserialize(@get_option(TSCWpOption));admin\admin-functions.php:47

unserialize$this->TSCOption = unserialize($arrOption);classTransmitSareCard.php:12

unserialize$WBSms = unserialize(stripslashes(get_option(TSCWpOptionApi)));classTransmitSareCard.php:66

Output Escaping

0% escaped46 total outputs

Data Flows · Security

3 unsanitized

Data Flow Analysis

4 flows3 with unsanitized paths

TSCSMSC_settingForm (admin\admin-functions.php:35)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Transmit SMS Share Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionadmin_initadmin\admin-functions.php:2

actionwp_enqueue_scriptsadmin\admin-functions.php:23

actionadmin_menuadmin\admin.php:4

filterthe_contentclassTransmitSareCard.php:23

filterwp_headclassTransmitSareCard.php:27

filterwp_footerclassTransmitSareCard.php:115

Maintenance & Trust

Transmit SMS Share Maintenance & Trust

Maintenance Signals

WordPress version tested3.9.40

Last updatedJan 5, 2016

PHP min version

Downloads2K

Community Trust

Rating20/100

Number of ratings1

Active installs10

Alternatives

Transmit SMS Share Alternatives

WSMS (formerly WP SMS) – SMS & MMS Notifications with OTP and 2FA for WooCommerce

wp-sms

Send SMS/MMS notifications, OTP & 2FA messages, and WooCommerce updates with support for multiple gateways and plugin integrations.

8K 17 CVEs

miniOrange OTP Login, Verification and SMS Notifications

miniorange-otp-verification

100

OTP Verification via Email/SMS/WhatsApp,SMS Notifications for WooCommerce,OTP Login with Phone,PasswordLess Login.Custom Gateway for OTP Verification

6K 1 CVE

NotifSMS – SMS Notifications OTP & 2FA for WordPress & WooCommerce

wp-twilio-core

100

Send SMS, OTP & 2FA notifications from WordPress via Twilio. Includes automated alerts, bulk messaging, and integrations with popular plugins.

2K No CVEs

BulkGate SMS Plugin for WooCommerce

woosms-sms-module-for-woocommerce

100

SMS and Viber plugin for WooCommerce. Order status notifications, personalized Bulk SMS and Viber campaigns, 2-way messaging and admin alerts.

1K 1 CVE

ShopMagic – Twilio SMS

shopmagic-for-twilio

100

Send WooCommerce SMS notifications, reminders, and text messages to your customers. The plugin is the ShopMagic add-on and it lets you send sms remind …

800 No CVEs

Developer Profile

Transmit SMS Share Developer Profile

adykidd

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Transmit SMS Share

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/transmit-sms-share/assets/css/style.css/wp-content/plugins/transmit-sms-share/assets/css/bootstrap.css/wp-content/plugins/transmit-sms-share/assets/font-awesome-4.2.0/css/font-awesome.css/wp-content/plugins/transmit-sms-share/assets/js/bootstrap.js/wp-content/plugins/transmit-sms-share/admin/admin.js

Script Paths

/wp-content/plugins/transmit-sms-share/assets/js/bootstrap.js/wp-content/plugins/transmit-sms-share/admin/admin.js

Version Parameters

transmit-sms-share/assets/css/style.css?ver=transmit-sms-share/assets/css/bootstrap.css?ver=transmit-sms-share/assets/font-awesome-4.2.0/css/font-awesome.css?ver=transmit-sms-share/assets/js/bootstrap.js?ver=transmit-sms-share/admin/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

TSC_pageafter

Data Attributes

data-toggledata-target

JS Globals

TSCapiConnectTSCrederShortcCodeTSC_successSubmitTSC_failSubmitTSC_phoneFormatWrongTSC_WrongCaptcha+3 more

Shortcode Output

[ARTICLE TITLE][ARTICLE LINK]

FAQ