WP-Safety

Wocommerce – Mezco SMS Security & Risk Analysis

wordpress.org/plugins/woo-mezco-sms

Add to your WooCommerce store SMS notifications to your customers when order status changed.

0 active installs v1.0.1 PHP + WP 3.8+ Updated Jun 26, 2019
adensoft-developerse-commercemezcopluginswoocommerce
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Wocommerce – Mezco SMS Safe to Use in 2026?

Generally Safe

Score 85/100

Wocommerce – Mezco SMS has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago
Risk Assessment

The "woo-mezco-sms" v1.0.1 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by not having any known CVEs, using prepared statements exclusively for SQL queries, and avoiding bundled libraries. The attack surface is minimal with no exposed AJAX handlers, REST API routes, or shortcodes that are directly accessible. However, significant concerns arise from the static code analysis. The presence of the `unserialize` function is a critical risk, as it can lead to remote code execution if untrusted data is unserialized without proper sanitization. Furthermore, only 5% of the 38 output instances are properly escaped, leaving a high probability of cross-site scripting (XSS) vulnerabilities. The absence of nonce checks and capability checks on its single cron event is also a notable weakness, potentially allowing unauthorized execution of its scheduled tasks. The lack of any recorded vulnerability history, while seemingly positive, might also suggest insufficient security auditing or analysis in the past, making the current findings more impactful.

Key Concerns

  • Unsanitized unserialize() function found
  • Low percentage of properly escaped output (5%)
  • Missing nonce checks on cron events
  • Missing capability checks on cron events
Vulnerabilities
None known

Wocommerce – Mezco SMS Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Wocommerce – Mezco SMS Release Timeline

v1.0.1Current
Code Analysis
Analyzed Mar 17, 2026

Wocommerce – Mezco SMS Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
0 prepared
Unescaped Output
36
2 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
29
Bundled Libraries
0

Dangerous Functions Found

unserialize$plugin = get_object_vars( unserialize( $respuesta['body'] ) );includes\admin\funciones-mezco.php:73

Output Escaping

5% escaped38 total outputs
Attack Surface

Wocommerce – Mezco SMS Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 14
filterplugin_row_metaincludes\admin\funciones-mezco.php:34
actionadmin_enqueue_scriptsincludes\admin\funciones-mezco.php:98
actioninitmezco-sms.php:66
actionadmin_menumezco-sms.php:78
filterwoocommerce_screen_idsmezco-sms.php:86
actionadmin_initmezco-sms.php:101
actionwoocommerce_order_status_pending_to_on-hold_notificationmezco-sms.php:233
actionwoocommerce_order_status_failed_to_on-hold_notificationmezco-sms.php:234
actionwoocommerce_order_status_processingmezco-sms.php:235
actionwoocommerce_order_status_completedmezco-sms.php:236
actionwoocommerce_order_status_pending_to_processing_notificationmezco-sms.php:241
actionmezco_sms_ejecuta_el_temporizadormezco-sms.php:259
actionwoocommerce_new_customer_notemezco-sms.php:319
actionadmin_noticesmezco-sms.php:321

Scheduled Events 1

mezco_sms_ejecuta_el_temporizador
Maintenance & Trust

Wocommerce – Mezco SMS Maintenance & Trust

Maintenance Signals

WordPress version tested5.2.24
Last updatedJun 26, 2019
PHP min version
Downloads9K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Wocommerce – Mezco SMS Alternatives

Product Filter for WooCommerce by WBW

Product Filter for WooCommerce by WBW

woo-product-filter

A
88

Filter products by categories, attributes, prices, and more. Elementor Compatibility. Shoppers easily find products with WooCommerce Product Filter

60K 9 CVEs
WCBoost – Wishlist

WCBoost – Wishlist

wcboost-wishlist

A
100

WCBoost - Wishlist lets shoppers create wishlists for later purchases, reminding them of desired items, driving repeat visits and boost sales.

40K No CVEs
Klarna for WooCommerce

Klarna for WooCommerce

klarna-payments-for-woocommerce

A
100

Grow your business for increased sales and enhanced shopping experiences at no extra costs.

30K 1 CVE
Conversion Tracking for WooCommerce

Conversion Tracking for WooCommerce

woocommerce-conversion-tracking

A
98

Adds various conversion tracking codes to cart, checkout, registration success and product page on WooCommerce

20K 4 CVEs
Amazon Pay for WooCommerce

Amazon Pay for WooCommerce

woocommerce-gateway-amazon-payments-advanced

A
100

Install the Amazon Pay plugin for your WooCommerce store and take advantage of a seamless checkout experience

20K 1 CVE
Developer Profile

Wocommerce – Mezco SMS Developer Profile

adensoft

1 plugin · 0 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Wocommerce – Mezco SMS

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woo-mezco-sms/includes/css/style.css/wp-content/plugins/woo-mezco-sms/includes/js/script.js
Script Paths
/wp-content/plugins/woo-mezco-sms/includes/js/script.js
Version Parameters
woo-mezco-sms/includes/css/style.css?ver=woo-mezco-sms/includes/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
mezco-sms-admin-wrap
HTML Comments
<!--Igual no deberías poder abrirme--><!--Comprobamos si está instalado y activo WPML--><!--Cargamos funciones necesarias--><!--Añade en el menú a WooCommerce-->+10 more
Data Attributes
data-admin-bar-settings
FAQ

Frequently Asked Questions about Wocommerce – Mezco SMS