[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$foJdIMlMoobDSo5kJ_ZClYV7wKdjSM2cQ-xL919dz7Cw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":219,"crawl_stats":38,"alternatives":226,"analysis":320,"fingerprints":1047},"wp-sms","WSMS (formerly WP SMS) – SMS & MMS Notifications with OTP and 2FA for WooCommerce","7.2","VeronaLabs","https:\u002F\u002Fprofiles.wordpress.org\u002Fveronalabs\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwsms.io\u002F?utm_source=wporg&utm_medium=link&utm_campaign=website\" rel=\"nofollow ugc\">WSMS\u003C\u002Fa> lets you send SMS\u002FMMS notifications, one-time passwords (OTP), and two-factor authentication (2FA) messages straight from WordPress. It supports a wide range of SMS gateways and integrates with popular e-commerce and form builder plugins.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Use WSMS to:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Keep customers updated on WooCommerce orders\u003Cbr \u002F>\n– Collect subscribers with SMS newsletter forms\u003Cbr \u002F>\n– Secure logins with OTP & 2FA\u003Cbr \u002F>\n– Alert admins about new users, logins, or updates\u003Cbr \u002F>\n– Run marketing campaigns with scheduled or bulk SMS\u003C\u002Fp>\n\u003Cp>👉 \u003Ca href=\"https:\u002F\u002Fdemo.wsms.io\u002Fwp-login.php\" rel=\"nofollow ugc\">Check out the demo\u003C\u002Fa> | \u003Ca href=\"#screenshots\" rel=\"nofollow ugc\">View screenshots\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwsms.io\u002Fgateways?utm_source=wporg&utm_medium=link&utm_campaign=gateways\" rel=\"nofollow ugc\">See supported gateways\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwsms.io\u002Fintegrations?utm_source=wporg&utm_medium=link&utm_campaign=integrations\" rel=\"nofollow ugc\">Explore integrations\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwsms.io\u002Fdocs\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>✨ Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Send SMS\u002FMMS:\u003C\u002Fstrong> Send messages through your choice of supported SMS gateways.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>E-Commerce & Form Integration:\u003C\u002Fstrong> Seamlessly integrates with popular e-commerce platforms and form builders.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>OTP & 2FA:\u003C\u002Fstrong> Add extra login security with one-time passwords and two-factor authentication.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Mobile Login:\u003C\u002Fstrong> Let users log in with their mobile number.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Alerts:\u003C\u002Fstrong> Get notified when new users register, posts are published, or WordPress updates are available.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Newsletters & Widgets:\u003C\u002Fstrong> Build SMS newsletter forms with shortcodes, widgets, or Gutenberg blocks.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Two-Way SMS (All-in-One):\u003C\u002Fstrong> Receive and reply to SMS messages inside WordPress.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk & Scheduled SMS:\u003C\u002Fstrong> Send to multiple recipients at once, immediately or on schedule.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Third-Party Integration:\u003C\u002Fstrong> Connect with external services and automation platforms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Messaging Button:\u003C\u002Fstrong> Let visitors reach you instantly via messaging channels.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>GDPR Compliant:\u003C\u002Fstrong> Built with privacy and compliance in mind.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>💎 Upgrade to WSMS All-in-One\u003C\u002Fh3>\n\u003Cp>Unlock additional features with \u003Cstrong>All-in-One\u003C\u002Fstrong> — the plan that gives you access to all premium add-ons in one package.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>With All-in-One you get:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Secure login & registration with OTP & 2FA\u003Cbr \u002F>\n– Scheduled & recurring SMS\u002FMMS\u003Cbr \u002F>\n– Two-way SMS inbox\u003Cbr \u002F>\n– Enhanced e-commerce features (login, checkout verification, order updates)\u003Cbr \u002F>\n– Membership platform integrations\u003Cbr \u002F>\n– Advanced form builder SMS capabilities\u003Cbr \u002F>\n– Marketing automation integrations\u003Cbr \u002F>\n– Booking system compatibility\u003Cbr \u002F>\n– URL shortening service integration\u003Cbr \u002F>\n– All future add-ons included\u003C\u002Fp>\n\u003Cp>👉 \u003Ca href=\"https:\u002F\u002Fwsms.io\u002Fpricing\u002F?utm_source=wporg&utm_medium=link&utm_campaign=pricing\" rel=\"nofollow ugc\">See All-in-One details & compare features\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>🐞 Report Bugs & Security\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Found a bug? \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-sms\u002Fwp-sms\u002Fissues\u002Fnew\" rel=\"nofollow ugc\">Open an issue on GitHub\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Security concerns? Report them via the \u003Ca href=\"https:\u002F\u002Fpatchstack.com\u002Fdatabase\u002Fwordpress\u002Fplugin\u002Fwp-sms\u002Fvdp\" rel=\"nofollow ugc\">Patchstack VDP program\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📝 Trademark Notice\u003C\u002Fh3>\n\u003Cp>WooCommerce, GravityForms, Elementor, Contact Form 7, Twilio, WhatsApp, Clickatell, BulkSMS, Plivo, Zapier, Bitly, and other product names mentioned are trademarks of their respective owners. WSMS is not affiliated with, endorsed by, or sponsored by these companies.\u003C\u002Fp>\n\u003Ch3>Source Code and Build Instructions\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> The plugin works out of the box — no build steps required for regular users. This section is for developers who want to modify or contribute to the source code. See the \u003Ca href=\"https:\u002F\u002Fwsms.io\u002Fdocs\u002F\" rel=\"nofollow ugc\">full documentation\u003C\u002Fa> for user guides.\u003C\u002Fp>\n\u003Cp>All source code for minified JavaScript and CSS is included in the plugin under the \u003Ccode>resources\u002F\u003C\u002Fcode> directory. Build instructions and full source are available on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-sms\u002Fwp-sms\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Third-Party Libraries\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fchartjs\u002FChart.js\" rel=\"nofollow ugc\">Chart.js\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fflatpickr\u002Fflatpickr\" rel=\"nofollow ugc\">flatpickr\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjackocnr\u002Fintl-tel-input\" rel=\"nofollow ugc\">intlTelInput\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FDubFriend\u002Fjquery.repeater\" rel=\"nofollow ugc\">jquery.repeater\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fqwertypants\u002FjQuery-Word-and-Character-Counter-Plugin\" rel=\"nofollow ugc\">jQuery Word and Character Counter\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffacebook\u002Freact\" rel=\"nofollow ugc\">React\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fselect2\u002Fselect2\" rel=\"nofollow ugc\">Select2\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftailwindlabs\u002Ftailwindcss\" rel=\"nofollow ugc\">Tailwind CSS\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcalebjacob\u002Ftooltipster\" rel=\"nofollow ugc\">Tooltipster\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fveronalabs\u002Fwp-scoper\" rel=\"nofollow ugc\">WP Scoper\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Repository\u003C\u002Fh4>\n\u003Cp>Full source code: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-sms\u002Fwp-sms\" rel=\"nofollow ugc\">github.com\u002Fwp-sms\u002Fwp-sms\u003C\u002Fa>\u003C\u002Fp>\n","Send SMS\u002FMMS notifications, OTP & 2FA messages, and WooCommerce updates with support for multiple gateways and plugin integrations.",9000,730389,82,105,"2026-03-08T08:32:00.000Z","6.9.4","4.1","7.4",[20,21,22,23,24],"2fa-authentication","bulk-sms","otp-login","sms-notifications","woocommerce-sms","https:\u002F\u002Fwsms.io\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-sms.7.2.zip",95,15,0,"2026-02-10 00:00:00","2026-03-15T15:16:48.613Z",[33,49,64,77,89,102,115,129,139,151,160,171,182,195,208],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2026-25343","wsms-formerly-wp-sms-sms-mms-notifications-with-otp-and-2fa-for-woocommerce-authenticated-administrator-stored-cross-sit","WSMS (formerly WP SMS) – SMS & MMS Notifications with OTP and 2FA for WooCommerce \u003C= 7.1 - Authenticated (Administrator+) Stored Cross-Site Scripting","The WSMS (formerly WP SMS) – SMS & MMS Notifications with OTP and 2FA for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=7.1","7.1.1","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2026-02-26 20:07:39",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F94c3fb5a-c6bb-447f-9b37-0eadaccbf374?source=api-prod",17,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":41,"cvss_score":56,"cvss_vector":57,"vuln_type":58,"published_date":59,"updated_date":60,"references":61,"days_to_patch":63},"CVE-2025-62006","wp-sms-missing-authorization-2","WP SMS \u003C= 7.0.1 - Missing Authorization","The WP SMS – Ultimate SMS & MMS Notifications, OTP, 2FA, and WooCommerce & Forms Integrations plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 7.0.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform an unauthorized action.","\u003C=7.0.1","7.0.2",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2025-10-16 00:00:00","2025-10-23 14:33:29",[62],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc55ce1a2-f3e6-4fce-8a40-195a9739172e?source=api-prod",8,{"id":65,"url_slug":66,"title":67,"description":68,"plugin_slug":4,"theme_slug":38,"affected_versions":69,"patched_in_version":16,"severity":41,"cvss_score":70,"cvss_vector":71,"vuln_type":58,"published_date":72,"updated_date":73,"references":74,"days_to_patch":76},"CVE-2024-43331","wp-sms-missing-authorization","WP SMS \u003C= 6.9.3 - Missing Authorization","The WP SMS – Ultimate SMS & MMS Notifications, 2FA, OTP, and Integrations with WooCommerce, GravityForms, and More plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 6.9.3. This makes it possible for unauthenticated attackers to perform an unauthorized action.","\u003C=6.9.3",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","2024-08-16 00:00:00","2024-08-22 23:08:57",[75],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F08cb2162-fac3-47af-9292-116095ee40dc?source=api-prod",7,{"id":78,"url_slug":79,"title":80,"description":81,"plugin_slug":4,"theme_slug":38,"affected_versions":82,"patched_in_version":83,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":84,"updated_date":85,"references":86,"days_to_patch":88},"CVE-2024-34811","wp-sms-authenticated-administrator-stored-cross-site-scripting","WP SMS \u003C= 6.5.1 - Authenticated (Administrator+) Stored Cross-Site Scripting","The WP SMS – Messaging, SMS & MMS Notifications, 2FA & OTP for WordPress, WooCommerce, GravityForms, etc plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 6.5.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.","\u003C=6.5.1","6.5.2","2024-05-13 00:00:00","2024-05-15 20:24:24",[87],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F5e8e7199-f5f1-4036-b2cd-88b7e806873d?source=api-prod",3,{"id":90,"url_slug":91,"title":92,"description":93,"plugin_slug":4,"theme_slug":38,"affected_versions":94,"patched_in_version":95,"severity":41,"cvss_score":56,"cvss_vector":96,"vuln_type":97,"published_date":98,"updated_date":99,"references":100,"days_to_patch":76},"CVE-2024-30454","wp-sms-cross-site-request-forgery","WP SMS \u003C= 6.6.2 - Cross-Site Request Forgery","The WP SMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.6.2. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to perform an unauthorized action via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=6.6.2","6.6.3","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2024-03-28 00:00:00","2024-04-03 20:04:53",[101],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F1e07e570-e4c0-472c-b582-40a87a6507bf?source=api-prod",{"id":103,"url_slug":104,"title":105,"description":106,"plugin_slug":4,"theme_slug":38,"affected_versions":107,"patched_in_version":108,"severity":41,"cvss_score":109,"cvss_vector":110,"vuln_type":44,"published_date":111,"updated_date":112,"references":113,"days_to_patch":76},"CVE-2024-25920","wp-sms-authenticated-contributor-stored-cross-site-scripting-via-shortcode","WP SMS \u003C= 6.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode","The WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 6.3.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=6.3.4","6.4",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2024-02-14 00:00:00","2024-02-20 16:22:04",[114],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb6d874a2-f0cd-49d2-b531-5d780db7d25d?source=api-prod",{"id":116,"url_slug":117,"title":118,"description":119,"plugin_slug":4,"theme_slug":38,"affected_versions":120,"patched_in_version":121,"severity":41,"cvss_score":122,"cvss_vector":123,"vuln_type":44,"published_date":124,"updated_date":125,"references":126,"days_to_patch":128},"CVE-2024-24881","wp-sms-reflected-cross-site-scripting-via-page","WP SMS \u003C= 6.5.2 - Reflected Cross-Site Scripting via 'page'","The WP SMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in versions up to, and including, 6.5.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.","\u003C=6.5.2","6.5.3",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2024-02-05 00:00:00","2024-02-08 15:42:24",[127],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F31f7dc1e-2008-4672-85ba-56fa35f4f0e1?source=api-prod",4,{"id":130,"url_slug":131,"title":132,"description":133,"plugin_slug":4,"theme_slug":38,"affected_versions":82,"patched_in_version":83,"severity":41,"cvss_score":109,"cvss_vector":110,"vuln_type":44,"published_date":134,"updated_date":135,"references":136,"days_to_patch":138},"WF-c9141ad3-86cf-47ae-be99-d78f0337f2ca-wp-sms","wp-sms-authenticated-contributor-stored-cross-site-scripting","WP SMS \u003C= 6.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting","The WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 6.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","2024-01-12 00:00:00","2024-01-22 19:56:02",[137],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc9141ad3-86cf-47ae-be99-d78f0337f2ca?source=api-prod",11,{"id":140,"url_slug":141,"title":142,"description":143,"plugin_slug":4,"theme_slug":38,"affected_versions":144,"patched_in_version":145,"severity":41,"cvss_score":56,"cvss_vector":96,"vuln_type":97,"published_date":146,"updated_date":147,"references":148,"days_to_patch":150},"CVE-2023-6980","wp-sms-cross-site-request-forgery-to-subscriber-deletion","WP SMS \u003C= 6.5 - Cross-Site Request Forgery to Subscriber Deletion","The WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.5. This is due to missing or incorrect nonce validation on the 'delete' action of the wp-sms-subscribers page. This makes it possible for unauthenticated attackers to delete subscribers via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=6.5","6.5.1","2024-01-02 00:00:00","2024-07-29 21:36:54",[149],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F94ad6b51-ff8d-48d5-9a70-1781d13990a5?source=api-prod",210,{"id":152,"url_slug":153,"title":154,"description":155,"plugin_slug":4,"theme_slug":38,"affected_versions":144,"patched_in_version":145,"severity":41,"cvss_score":122,"cvss_vector":123,"vuln_type":156,"published_date":146,"updated_date":157,"references":158,"days_to_patch":150},"CVE-2023-6981","wp-sms-authenticated-admin-sql-injection-to-reflected-cross-site-scripting","WP SMS \u003C= 6.5 - Authenticated (Admin+) SQL Injection to Reflected Cross-Site Scripting","The WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc plugin for WordPress is vulnerable to SQL Injection via the 'group_id' parameter in all versions up to, and including, 6.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. This can leveraged to achieve Reflected Cross-site Scripting.","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2024-07-29 21:37:16",[159],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb8f53053-5150-4fba-b8d6-3d6c9df32c69?source=api-prod",{"id":161,"url_slug":162,"title":163,"description":164,"plugin_slug":4,"theme_slug":38,"affected_versions":165,"patched_in_version":166,"severity":41,"cvss_score":56,"cvss_vector":96,"vuln_type":97,"published_date":167,"updated_date":135,"references":168,"days_to_patch":170},"WF-747afa58-182a-4fb3-bfe3-f15db0b1d85a-wp-sms","wp-sms-cross-site-request-forgery-2","WP SMS \u003C= 6.1.5 - Cross-Site Request Forgery","The WP SMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.1.5. This is due to missing or incorrect nonce validation on the unSubscriberNumberByUrlAction function. This makes it possible for unauthenticated attackers to unsubscribe users via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C6.2.0","6.2.0","2023-07-07 00:00:00",[169],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F747afa58-182a-4fb3-bfe3-f15db0b1d85a?source=api-prod",200,{"id":172,"url_slug":173,"title":174,"description":175,"plugin_slug":4,"theme_slug":38,"affected_versions":176,"patched_in_version":177,"severity":41,"cvss_score":122,"cvss_vector":123,"vuln_type":44,"published_date":178,"updated_date":135,"references":179,"days_to_patch":181},"CVE-2023-32742","wp-sms-reflected-cross-site-scripting-via-deletemobile","WP SMS \u003C= 6.1.4 - Reflected Cross-Site Scripting via 'delete_mobile'","The WP SMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'delete_mobile' parameter in versions up to, and including, 6.1.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers  to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=6.1.4","6.1.5","2023-05-15 00:00:00",[180],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F04970416-06db-4339-ac22-34fde5a48f2a?source=api-prod",253,{"id":183,"url_slug":184,"title":185,"description":186,"plugin_slug":4,"theme_slug":38,"affected_versions":187,"patched_in_version":188,"severity":41,"cvss_score":70,"cvss_vector":189,"vuln_type":190,"published_date":191,"updated_date":135,"references":192,"days_to_patch":194},"CVE-2023-27447","wp-sms-information-disclosure-via-rest-api","WP SMS \u003C= 6.0.4 - Information Disclosure via REST API","The WP SMS plugin for WordPress is vulnerable to information disclosure via the REST API in versions up to, and including, 6.0.4. This allows unauthenticated attackers to retrieve a list of newsletter subscribers.","\u003C=6.0.4","6.0.4.1","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Exposure of Sensitive Information to an Unauthorized Actor","2023-03-02 00:00:00",[193],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F57377380-0435-4747-abba-50063978d8e1?source=api-prod",327,{"id":196,"url_slug":197,"title":198,"description":199,"plugin_slug":4,"theme_slug":38,"affected_versions":200,"patched_in_version":201,"severity":41,"cvss_score":202,"cvss_vector":203,"vuln_type":44,"published_date":204,"updated_date":135,"references":205,"days_to_patch":207},"CVE-2021-24561","wp-sms-authenticated-stored-cross-site-scripting","WP SMS \u003C= 5.4.12 - Authenticated Stored Cross-Site Scripting","The WP SMS WordPress plugin before 5.4.13 does not sanitise the \"wp_group_name\" parameter before outputting it back in the \"Groups\" page, leading to an Authenticated Stored Cross-Site Scripting issue","\u003C5.4.13","5.4.13",5.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2021-07-26 00:00:00",[206],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F90ebe593-6511-4998-a45e-795f3597b191?source=api-prod",911,{"id":209,"url_slug":210,"title":211,"description":212,"plugin_slug":4,"theme_slug":38,"affected_versions":213,"patched_in_version":214,"severity":41,"cvss_score":122,"cvss_vector":123,"vuln_type":44,"published_date":215,"updated_date":135,"references":216,"days_to_patch":218},"WF-b597e8a5-043e-440e-aaa2-38fb3eeb0731-wp-sms","wp-sms-messaging-sms-notification-for-wordpress-woocommerce-gravityforms-etc-reflected-cross-site-scripting","WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc \u003C= 5.4.9 - Reflected Cross-Site Scripting","The WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via several parameters in versions up to, and including, 5.4.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.","\u003C=5.4.9","5.4.9.1","2021-06-30 00:00:00",[217],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb597e8a5-043e-440e-aaa2-38fb3eeb0731?source=api-prod",937,{"slug":220,"display_name":7,"profile_url":8,"plugin_count":128,"total_installs":221,"avg_security_score":222,"avg_patch_time_days":223,"trust_score":224,"computed_at":225},"veronalabs",689000,89,961,71,"2026-04-03T23:03:10.493Z",[227,243,266,285,303],{"slug":228,"name":229,"version":230,"author":231,"author_profile":232,"description":233,"short_description":10,"active_installs":234,"downloaded":235,"rating":29,"num_ratings":29,"last_updated":236,"tested_up_to":237,"requires_at_least":238,"requires_php":239,"tags":240,"homepage":239,"download_link":241,"security_score":242,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"ultimate-sms","Ultimate SMS Notifications – Messaging, Alerts & OTP","1.0.3","wpunicorn","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpunicorn\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpsmspro.com\u002F?utm_source=wporg&utm_medium=link&utm_campaign=website\" rel=\"nofollow ugc\">Ultimate SMS\u003C\u002Fa>: A powerful texting Plugin for WordPress, Receive SMS notifications as per the site’s activities, Inteagrate Your WordPress Website with Twilio API.\u003Cbr \u002F>\nAlso, You can send SMS to subscribers of the newsletter, any number or admin for any notifications in WordPress.\u003Cbr \u002F>\nThis plugin was created for this by using \u003Ca href=\"https:\u002F\u002Fwww.twilio.com\u002F\" rel=\"nofollow ugc\">Twilio\u003C\u002Fa> API,One of the best SMS solutions on the market. And they’re reasonably priced and have an excellent API.\u003C\u002Fp>\n\u003Cp>Here’s a list of what the plugin provides out of the box:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Custom function to easily send SMS messages to any number (including international ones)\u003C\u002Fli>\n\u003Cli>Functionality to directly send a text message to any permissible number from the plugin settings page\u003C\u002Fli>\n\u003Cli>Send Bulk SMS to all the users of the website or to a user role.\u003C\u002Fli>\n\u003Cli>Send SMS Newsletter to all the users of the website or to a user role or to a custom list of numbers.Many premium features and options are integrated within this one.\u003C\u002Fli>\n\u003Cli>Enable sending SMS notifications to the admin or any number about any activity on the website (New comment,New Post,..)\u003C\u002Fli>\n\u003Cli>Hooks to add additional tabs on the plugin settings page to allow managing all SMS related settings from the same page\u003C\u002Fli>\n\u003Cli>Basic logging capability to keep track of up to 100 entries\u003C\u002Fli>\n\u003Cli>Mobile Phone User Field added to each profile (optional)\u003C\u002Fli>\n\u003Cli>Shorten URLs using Bit.ly or Google URL Shortener API (optional)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Extend, Contribute, Integrate\u003C\u002Fp>\n\u003Cp>Disclaimer: This plugin is not affiliated with or supported by Twilio, Inc. All logos and trademarks are the property of their respective owners.\u003C\u002Fp>\n",10,1733,"2025-11-16T14:47:00.000Z","6.8.5","4.5","",[20,21,22,23,24],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fultimate-sms.1.0.3.zip",100,{"slug":244,"name":245,"version":246,"author":247,"author_profile":248,"description":249,"short_description":250,"active_installs":251,"downloaded":252,"rating":253,"num_ratings":254,"last_updated":255,"tested_up_to":16,"requires_at_least":256,"requires_php":257,"tags":258,"homepage":262,"download_link":263,"security_score":242,"vuln_count":264,"unpatched_count":29,"last_vuln_date":265,"fetched_at":31},"miniorange-otp-verification","miniOrange OTP Login, Verification and SMS Notifications","5.4.8","miniOrange","https:\u002F\u002Fprofiles.wordpress.org\u002Fcyberlord92\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-otp-verification\" rel=\"nofollow ugc\">Features\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fstep-by-step-guide-for-wordpress-otp-verification\" rel=\"nofollow ugc\">Setup Guide\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-forms\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.miniorange.com\u002Fcontact\" rel=\"nofollow ugc\">Contact Us\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>The \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-otp-verification\" rel=\"nofollow ugc\">WordPress OTP Verification\u003C\u002Fa> plugin verifies users’ \u003Cem>email IDs and mobile numbers\u003C\u002Fem> through an \u003Cem>OTP (One-Time Password)\u003C\u002Fem> sent during \u003Cem>registration, login, and contact form submissions\u003C\u002Fem>. This ensures that only genuine users can sign up while preventing fake registrations and duplicate accounts.\u003C\u002Fp>\n\u003Cp>\u003Cem>Watch this video to learn more about the OTP Verification plugin and its capabilities:\u003C\u002Fem>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FBcvzJV9OxQE?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>Enjoy \u003Cem>10 free email and SMS OTPs\u003C\u002Fem> upon installation to experience the plugin’s functionality.\u003C\u002Fp>\n\u003Ch3>FEATURES OF ONE-TIME PASSWORD PLUGIN\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-forms\" rel=\"nofollow ugc\">OTP Verification On 30+ forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsupported-sms-email-gateways\" rel=\"nofollow ugc\">miniOrange SMS gateway support\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwoocommerce-login-form-with-otp-verification-for-wordpress\" rel=\"nofollow ugc\">Login with Phone Number\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhow-to-configure-register-using-only-phone-addon\" rel=\"nofollow ugc\">Register with Phone Number\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhow-to-configure-woocommerece-sms-notification\" rel=\"nofollow ugc\">SMS Notifications for WooCommerce Order Status\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhow-to-configure-limit-otp-request-addon\" rel=\"nofollow ugc\">OTP Spam Preventor\u002FLimit OTP Addon\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-selected-countries\" rel=\"nofollow ugc\">Allow OTP for selected countries\u003C\u002Fa> \u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fultimate-member-notification-otp-verification-plugin\" rel=\"nofollow ugc\">Ultimate Member SMS Notification\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fultimate-member-password-reset-otp-verification\" rel=\"nofollow ugc\">Ultimate Member Password Reset\u003C\u002Fa> \u003C\u002Fli>\n\u003Cli>Detailed Transaction Reports and Logs\u003C\u002Fli>\n\u003Cli>Passwordless Login using OTP Verification\u003C\u002Fli>\n\u003Cli>Country code dropdown\u003C\u002Fli>\n\u003Cli>Customize OTP length and validity\u003C\u002Fli>\n\u003Cli>Block specific email domains and phone numbers\u003C\u002Fli>\n\u003Cli>OTP pop-up customization (available on limited login, registration, and checkout forms)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>PREMIUM FEATURES AVAILABLE ON UPGRADE\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Flogin-with-whatsapp-as-two-factor\" rel=\"nofollow ugc\">OTP Over WhatsApp\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Flogin-with-whatsapp-as-two-factor\" rel=\"nofollow ugc\">Both Email and Phone Verification\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsupported-sms-email-gateways\" rel=\"nofollow ugc\">Custom SMS & Email Gateways\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhow-to-configure-register-using-only-phone-addon\" rel=\"nofollow ugc\">Register Using phone number Addon\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwcfm-notification-vendor-notification-otp-verification-plugin\" rel=\"nofollow ugc\">WCFM Vendor SMS Notifications\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fdokan-notification-vendor-notification-otp-verification-plugin\" rel=\"nofollow ugc\">Dokan Vendor SMS Notifications\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-elementor-pro-form\" rel=\"nofollow ugc\">Elementor Pro Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fcheckout-wc-form-setup-for-wordpress-otp\" rel=\"nofollow ugc\">Checkout WC Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-jet-engine-form-wordpress\" rel=\"nofollow ugc\">Jet Engine Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fjetformbuilder-crocoblock-setup-for-otp-verification\" rel=\"nofollow ugc\">JetFormBuilder Form by Crocoblock\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fws-form-setup-for-otp-verification\" rel=\"nofollow ugc\">WS Pro Contact Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Ftutor-lms-Instructor-registration-otp-verification\" rel=\"nofollow ugc\">Tutor LMS Instructor Registration Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Ftutor-lms-login-otp-verification\" rel=\"nofollow ugc\">Tutor LMS Login Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Ftutor-lms-student-registration-otp-verification\" rel=\"nofollow ugc\">Tutor LMS Student Registration Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-user-registration-form\" rel=\"nofollow ugc\">User Registration Forms — WP Everest\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-woocommerce-frontend-manager-form\" rel=\"nofollow ugc\">WooCommerce Frontend Manager Form (WCFM)\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsetup-otp-verification-for-houzez-registration-form\" rel=\"nofollow ugc\">Houzez — Real Estate Theme\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Login using phone number Addon\u003C\u002Fli>\n\u003Cli>Customize specific SMS and Email templates\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>THIRD PARTY CUSTOM SMS GATEWAY FOR OTP Verification and SMS Notifications\u003C\u002Fh4>\n\u003Cp>In the OTP Verification Plugin, you can use \u003Cstrong>your third-party gateway\u003C\u002Fstrong> for sending the SMS\u002FEmail & SMS Notifications.\u003Cbr \u002F>\nYou can also use the \u003Cstrong>miniOrange gateway\u003C\u002Fstrong> to perform OTP verification over Phone\u002FSMS and Email or to send SMS notifications. We support OTP Verification worldwide.\u003Cbr \u002F>\n\u003Cstrong>Some of the well-known Gateways supported for OTP and SMS (OTP):\u003C\u002Fstrong>\u003Cbr \u002F>\n— \u003Ca href=\"https:\u002F\u002Fwww.twilio.com\u002F\" rel=\"nofollow ugc\">Twilio\u003C\u002Fa>\u003Cbr \u002F>\n— \u003Ca href=\"https:\u002F\u002Fwww.clickatell.com\u002F\" rel=\"nofollow ugc\">Clickatell\u003C\u002Fa>\u003Cbr \u002F>\n— \u003Ca href=\"https:\u002F\u002Fwww.clicksend.com\u002F\" rel=\"nofollow ugc\">ClickSend\u003C\u002Fa>\u003Cbr \u002F>\n— \u003Ca href=\"https:\u002F\u002Fsendgrid.com\u002F\" rel=\"nofollow ugc\">SendGrid\u003C\u002Fa>\u003Cbr \u002F>\n— \u003Ca href=\"https:\u002F\u002Fwww.plivo.com\u002F\" rel=\"nofollow ugc\">Plivo\u003C\u002Fa>\u003Cbr \u002F>\n— \u003Ca href=\"https:\u002F\u002Faws.amazon.com\u002Fsns\u002F\" rel=\"nofollow ugc\">AWS SNS\u003C\u002Fa>\u003Cbr \u002F>\n— \u003Ca href=\"https:\u002F\u002Fmsg91.com\u002F\" rel=\"nofollow ugc\">Msg91\u003C\u002Fa>\u003Cbr \u002F>\nCheck the list of a few of our supported SMS gateways here : \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsupported-sms-email-gateways\" rel=\"nofollow ugc\">SMS Gateways\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>WHATSAPP OTP VERIFICATION & NOTIFICATIONS\u003C\u002Fh4>\n\u003Cp>In our OTP Plugin, you can enable OTP Verification via WhatsApp as well as send custom messages & order notifications on WhatsApp.\u003Cbr \u002F>\nEnables order status notifications, new account sms notifications, and many more on WhatsApp.\u003Cbr \u002F>\nContact us at \u003Cstrong>otpsupport@xecurify.com\u002Finfo@xecurify.com\u003C\u002Fstrong> to know more.\u003C\u002Fp>\n\u003Ch3>FREE AND PREMIUM OTP VERIFICATION ADDONS SUPPORTED\u003C\u002Fh3>\n\u003Cp>Follow the link to check free and premium addons supported in the OTP Verification plugin : \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-otp-verification#addons-section\" rel=\"nofollow ugc\">OTP Verification Addons Supported\u003C\u002Fa>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cul>\n\u003Cli>\u003Cstrong>Login with Phone Number:\u003C\u002Fstrong>The login with Phone add-on allows users to log in using a phone number only.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce SMS Notifications:\u003C\u002Fstrong>Allows your site to send automated \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhow-to-configure-woocommerece-sms-notification\" rel=\"nofollow ugc\">WooCommerce order notifications and WooCommerce sms notifications\u003C\u002Fa> to buyers, sellers, and admins. Buyer and seller both can get SMS notifications after an order is placed or when the order status changes. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Passwordless Login:\u003C\u002Fstrong>With Passwordless login, users would be able to log in using their Username and OTP. \u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhow-to-configure-register-using-only-phone-addon\" rel=\"nofollow ugc\">\u003Cstrong>Register Using Phone Number Only:\u003C\u002Fstrong>\u003C\u002Fa>: Users can register on your WordPress site using only a Phone Number and OTP instead of an Email address or Username.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhow-to-configure-woocommerce-password-reset-addon\" rel=\"nofollow ugc\">\u003Cstrong>WooCommerce Password Reset:\u003C\u002Fstrong>\u003C\u002Fa>Addon replaces the existing WooCommerce Password reset functionality with OTP Verification. Allow users to reset their password using OTP Verification instead of email links.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ultimate Member SMS Notifications\u003C\u002Fstrong>Allows your site to send automated Ultimate Member notifications to admins and users. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ultimate Member Password Reset:\u003C\u002Fstrong>Add-on that replaces the existing Ultimate Member Password reset functionality with OTP Verification. Allow users to reset their passwords using OTP Verification instead of email links.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Country Restriction Addon:\u003C\u002Fstrong>Add-on allows OTP Verification to be enabled for a selected list of countries only. OTP Verification for any other country outside the selected list will be blocked by the addon.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>OTP Over Phone Call:\u003C\u002Fstrong>Add-on allows OTP Verification over a Phone Call instead of SMS. The code will be received via a phone call to the customer.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n\u003Ch3>Updated List Of Supported Forms\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-forms\" rel=\"nofollow ugc\">Supported WordPress Forms\u003C\u002Fa>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-default-login-form-with-otp-verification\" rel=\"nofollow ugc\">WordPress Login Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-elementor-pro-form\" rel=\"nofollow ugc\">Elementor Pro Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fconfigure-one-time-password-verification-wordpress-default-tml-registration-form\" rel=\"nofollow ugc\">WordPress default registration\u002FTML Registration Form \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwoocommerce-login-form-with-otp-verification-for-wordpress\" rel=\"nofollow ugc\">WooCommerce Login Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-woocommerce-registration-form\u002F\" rel=\"nofollow ugc\">WooCommerce Registration Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-woocommerce-checkout-form\u002F\" rel=\"nofollow ugc\">WooCommerce Checkout Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-woocommerce-frontend-manager-form\" rel=\"nofollow ugc\">WooCommerce FrontEnd Manager Form(WCFM)\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-woocommerce-billing-address-update-form\u002F\" rel=\"nofollow ugc\">WooCommerce Billing Address Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-ultimate-member-registration-form\u002F\" rel=\"nofollow ugc\">Ultimate Member Registration Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-ultimate-member-profileaccount-form\u002F\" rel=\"nofollow ugc\">Ultimate Member Profile\u002FAccounts Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-login-form\" rel=\"nofollow ugc\">Ultimate Member Login Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fultimate-member-password-reset-otp-verification\" rel=\"nofollow ugc\">Ultimate Member Password Reset Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-gravity-form\" rel=\"nofollow ugc\">Gravity Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-form-maker-form\" rel=\"nofollow ugc\">Form Maker Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-user-registration-form\" rel=\"nofollow ugc\">User Registration Form — WP Everest\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-woocommerce-social-login\" rel=\"nofollow ugc\">WooCommerce Social Login form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Farmember-registration-form-otp-verification-wordpress\" rel=\"nofollow ugc\">ARMember Registration Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-profile-builder-registration-form\" rel=\"nofollow ugc\">Profile Builder Registration Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=TKzmBmc2nQc\" rel=\"nofollow ugc\">Simplr Registration Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fplugins.miniorange.com\u002Fconfigure-one-time-password-verification-buddypress-registration-form\u002F\" rel=\"nofollow ugc\">BuddyPress registration Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-custom-user-registration-form-builder-registration-magic\" rel=\"nofollow ugc\">RegistrationMagic \u002F User Registration Form Builder\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-user-ultra-registration-form\" rel=\"nofollow ugc\">Users Ultra Registration form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-userprofile-made-easy-registration-form\" rel=\"nofollow ugc\">User Profiles Made Easy Registration Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fcheckout-wc-form-setup-for-wordpress-otp\" rel=\"nofollow ugc\">Checkout WC\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-pie-registration-form\" rel=\"nofollow ugc\">PIE Registration Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-contact-form-7\u002F\" rel=\"nofollow ugc\">Contact Form 7\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-ninja-forms-version-3-0\" rel=\"nofollow ugc\">Ninja Forms Above version 3.0\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-login-form\" rel=\"nofollow ugc\">Theme My Login\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-gravity-form\" rel=\"nofollow ugc\">Gravity Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-wp-member\" rel=\"nofollow ugc\">WP-Members\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-ultimate-membership-pro-form\" rel=\"nofollow ugc\">Indeed Ultimate Membership Pro\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-classify-theme-registration-form\" rel=\"nofollow ugc\">Classify Theme Registration\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-real-estate-7-pro-theme\" rel=\"nofollow ugc\">Real estate 7 pro Theme\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-wp-emember\" rel=\"nofollow ugc\">WP eMember Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-formcraft-basic-free-version\" rel=\"nofollow ugc\">FormCraft Basic — Free Version\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fformcraft-premium-form-using-one-time-password-verification\" rel=\"nofollow ugc\">FormCraft — Premium Version\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-wordpress-comment-form\" rel=\"nofollow ugc\">WordPress Comment Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=Bv3RKJhKW0o\" rel=\"nofollow ugc\">DocDirect Theme\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-wp-forms\" rel=\"nofollow ugc\">WpForms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-caldera-form\u002F\" rel=\"nofollow ugc\">Caldera Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-memberpress-registration-form\u002F\" rel=\"nofollow ugc\">MemberPress Registration\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-paid-membership-pro-registration-form\" rel=\"nofollow ugc\">Paid Membership Pro\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-real-estate-7-pro-theme\" rel=\"nofollow ugc\">Real Estate 7 Pro\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-woocommerce-product-vendor-registration-form\" rel=\"nofollow ugc\">WooCommerce Product Vendor Registration Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-formidable-form\u002F\" rel=\"nofollow ugc\">Formidable Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-visual-form-builder\u002F\" rel=\"nofollow ugc\">Visual Form Builder\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Feduma-theme-login-form-setup-otp-wordpress\" rel=\"nofollow ugc\">Eduma Login Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Feduma-theme-registration-form-setup-otp-wordpress\" rel=\"nofollow ugc\">Eduma Theme Registration Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fuserpro-form-wordpress-otp-authentication\" rel=\"nofollow ugc\">UserPro Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fws-form-setup-for-otp-verification\" rel=\"nofollow ugc\">WS Pro Contact form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fjetformbuilder-crocoblock-setup-for-otp-verification\" rel=\"nofollow ugc\">JetFormBuilder by Crocoblock\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-everest-contact-form-wordpress-otp\" rel=\"nofollow ugc\">Everest Contact Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-fluent-form-with-otp-verification\" rel=\"nofollow ugc\">Fluent Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsetup-otp-verification-for-houzez-registration-form\" rel=\"nofollow ugc\">Houzez Theme Registration\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fotp-verification-for-jet-engine-form-wordpress\" rel=\"nofollow ugc\">Jet Engine\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fenable-otp-verification-with-social-login\" rel=\"nofollow ugc\">miniOrange Social Login\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwp-user-manager-registration-form-otp-verification\" rel=\"nofollow ugc\">WP User Manager Registration Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Real Estate WP Theme Registration Form\u003C\u002Fli>\n\u003Cli>WP Client Registration Form\u003C\u002Fli>\n\u003Cli>MemberPress Single Checkout Registration Form\u003C\u002Fli>\n\u003Cli>MultiSite Registration Form\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n\u003Ch4>How does this plugin work?\u003C\u002Fh4>\n\u003Col>\n\u003Cli>On submitting the registration\u002Flogin form, an Email\u002FSMS with OTP is sent to the email address\u002Fmobile number provided by the user.\u003C\u002Fli>\n\u003Cli>Once the OTP is entered, it is verified, and the user gets registered\u002Flogs in.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>External Services and Libraries\u003C\u002Fp>\n\u003Col>\n\u003Cli>This plugin uses the miniOrange Servers for OTP Validation.\u003C\u002Fli>\n\u003Cli>\u003Cem>intlTelInput\u003C\u002Fem> – The plugin uses the intlTelInput library for international telephone input formatting and validation. The minified files \u003Ccode>intlTelInput.min.js\u003C\u002Fcode> and \u003Ccode>intlTelInput.min.css\u003C\u002Fcode> are included in the plugin distribution. The source code for intlTelInput is available at: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjackocnr\u002Fintl-tel-input\" rel=\"nofollow ugc\">intlTelInput GitHub repository\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>SUPPORT\u003C\u002Fh3>\n\u003Cp>Customized solutions and Support options are available. Email us at \u003Cstrong>otpsupport@xecurify.com\u002Finfo@xecurify.com\u003C\u002Fstrong>.\u003C\u002Fp>\n","OTP Verification via Email\u002FSMS\u002FWhatsApp,SMS Notifications for WooCommerce,OTP Login with Phone,PasswordLess Login.Custom Gateway for OTP Verification",6000,446350,94,432,"2026-01-23T12:20:00.000Z","3.5","5.3.0",[259,260,22,261,23],"email-verification","otp","phone-verification","http:\u002F\u002Fminiorange.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminiorange-otp-verification.5.4.8.zip",1,"2023-11-14 00:00:00",{"slug":267,"name":268,"version":269,"author":270,"author_profile":271,"description":272,"short_description":273,"active_installs":274,"downloaded":275,"rating":242,"num_ratings":264,"last_updated":276,"tested_up_to":16,"requires_at_least":277,"requires_php":278,"tags":279,"homepage":283,"download_link":284,"security_score":242,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"branded-sms-pakistan","Branded SMS Pakistan","3.0.7","H3 Technologies","https:\u002F\u002Fprofiles.wordpress.org\u002Fh3technologies\u002F","\u003Cp>\u003Cstrong>Extend your WooCommerce store capabilities and create new opportunities for your business\u003C\u002Fstrong> with \u003Ca href=\"https:\u002F\u002Fwww.brandedsmspakistan.com\u002F\" title=\"Branded SMS Pakistan - SMS module for WooCommerce\" rel=\"nofollow ugc\">Branded SMS Pakistan Plugin\u003C\u002Fa> – the next level SMS plugin for WooCommerce.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Improve Customer Relationship\u003C\u002Fstrong>\u003Cbr \u002F>\n* Make your customers happy and notify them about order status change via SMS notifications. Every SMS Notification can be customized very easily from admin panel even in your \u003Cstrong>Native Language\u003C\u002Fstrong>\u003Cstrong>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Shipment Notification\u003C\u002Fstrong>\u003Cbr \u002F>\n* Send courier consignment \u002F tracking number with complete details to customer for tracking. Ready to use with Trax Logistics, Swyft Logisitcs, Leopards Courier and others.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Personalized Messaging\u003C\u002Fstrong>\u003Cbr \u002F>\n* Branded SMS Pakistan is capable to personalized all kind of messages with WooCommerce available variables including Customer Name, Address, Email, Order Amount which can easily added in the message body.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WooCommerce Order Verification – OTP\u003C\u002Fstrong>\u003Cbr \u002F>\n* No need to call and verify customer’s order with Branded SMS Pakistan you can \u003Cstrong>automate the order and customer verification\u003C\u002Fstrong> by using our OTP feature which automatically generate a PIN code and send it to customer’s mobile number to enter on the order verification screen. You can also enable the one-click order verification link feature so your customer can verify order on a click!\u003C\u002Fp>\n\u003Ch3>Bulk SMS Marketing\u003C\u002Fh3>\n\u003Cp>Bulk Marketing feature is a premium feature of Branded SMS Pakistan’ plugin which provide the user to send the SMS in bulk amount to customer who recently purchased item from store, easily filtered by product name or by product categories without any difficulty. This premium feature contains of three main steps:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Select Products\u002FCategories to Market\u003C\u002Fstrong>\u003Cbr \u002F>\n  In this step user have to select the customers numbers by the product category (customers who’ve bought any product from that category) or by product name(customers who’ve bought that product). User can also select both options.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Message Body\u003C\u002Fstrong>\u003Cbr \u002F>\n  In this step, user have to write the message which he wants to send to the customer’s numbers.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Summary of Campaign\u003C\u002Fstrong>\u003Cbr \u002F>\n  In this step, Bulk Marketing feature will generate a summary of selected numbers which includes REPEATED NUMBERS which will be excluded, UNIQUE NUMBERS will be included in list of bulk SMS, and in the last it will show the message body which you’ve written to send to customers.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>One Click Setup\u003C\u002Fstrong>\u003Cbr \u002F>\n* You can easily setup the messaging service by entering your Email Address and API Key. You can generate a API Key in our \u003Ca href=\"https:\u002F\u002Fsecure.h3techs.com\u002Fsms\u002Fdevelopers\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">Developer Documentation\u003C\u002Fa> section.\u003C\u002Fp>\n","Branded SMS Pakistan - WooCommerce plugin will allow you to send Branded or Short Code SMS notification automatically for orders placed in WooCommerce …",50,9999,"2026-03-03T10:17:00.000Z","4.7","5.4",[280,21,281,282,23],"bulk-marketing","send-sms","sms","https:\u002F\u002Fwww.brandedsmspakistan.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbranded-sms-pakistan.zip",{"slug":286,"name":287,"version":288,"author":289,"author_profile":290,"description":291,"short_description":292,"active_installs":234,"downloaded":293,"rating":29,"num_ratings":29,"last_updated":294,"tested_up_to":295,"requires_at_least":296,"requires_php":297,"tags":298,"homepage":300,"download_link":301,"security_score":302,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"turbo-sms","Turbo SMS","2.0","TURBO SMS","https:\u002F\u002Fprofiles.wordpress.org\u002Fturbosms\u002F","\u003Cp>Add Instant Order Status SMS Notifications Feature To Your Site\u003C\u002Fp>\n\u003Cp>You will get full support from us if you are our client. You will get the top level support from our support department that you won’t ever regret. Please read our \u003Ca href=\"https:\u002F\u002Fwww.turbosms.net\u002Fterms\" rel=\"nofollow ugc\">Turbo SMS Terms & Policy\u003C\u002Fa> before use to get the proper support.\u003C\u002Fp>\n","Add Instant Order Status SMS Notifications Feature To Your Site",1141,"2021-07-24T07:44:00.000Z","5.8.13","4.6","5.2.4",[21,282,23,286,299],"woocommerce","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fturbo-sms\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fturbo-sms.zip",85,{"slug":304,"name":305,"version":306,"author":307,"author_profile":308,"description":309,"short_description":310,"active_installs":29,"downloaded":311,"rating":29,"num_ratings":29,"last_updated":312,"tested_up_to":313,"requires_at_least":314,"requires_php":297,"tags":315,"homepage":318,"download_link":319,"security_score":302,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"bulk-sms-smsnet24","Bulk SMS – SMSNET24","1.0","digitallabbd","https:\u002F\u002Fprofiles.wordpress.org\u002Fdigitallabbd\u002F","\u003Cp>SMSNET24.Com is a BULK SMS Service of DigitalLab. Bulk SMS is widely used in Bank, School,College, Universiy, Govt., Non Govt organization world wide. Our SMS gateway is specially designed for Bangladesh Mask SMS including world wide SMS service.Http API, Rest API is Free!! Our web panel is very easy to use and support responsive design for mobile\u002FTab\u002FLaptop PC browser. Support file to SMS, Phonebook to SMS, Copy to SMS, Android Apps, Iphone(IOS) Apps.\u003C\u002Fp>\n\u003Cp>Major features in SMSNET24 include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>woocommerce compliant bulk SMS\u003C\u002Fli>\n\u003Cli>OTP generate using API\u003C\u002Fli>\n\u003Cli>Send SMS using API\u003C\u002Fli>\n\u003Cli>Invoice, Order confirmation SMS, Delivery SMS, Payment SMS\u003C\u002Fli>\n\u003C\u002Ful>\n","SMSNET24.Com is a BULK SMS Service of DigitalLab. Bulk SMS is widely used in Bank, School,College, Universiy, Govt., Non Govt organization world wide.",2457,"2022-11-02T12:56:00.000Z","6.0.11","5.0",[21,316,317,24,4],"dokan-sms","sms-rest-api","http:\u002F\u002Fsmsnet24.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbulk-sms-smsnet24.1.0.zip",{"attackSurface":321,"codeSignals":776,"taintFlows":959,"riskAssessment":1036,"analyzedAt":1046},{"hooks":322,"ajaxHandlers":766,"restRoutes":767,"shortcodes":768,"cronEvents":773,"entryPointCount":264,"unprotectedCount":29},[323,330,334,339,343,348,352,357,361,366,369,373,375,377,380,382,384,387,390,392,395,398,404,406,409,413,415,420,423,426,429,433,437,440,445,448,451,456,460,463,467,471,474,478,482,486,490,494,497,500,504,505,507,510,512,515,517,519,523,528,531,534,537,541,544,548,551,552,555,557,559,562,566,570,573,576,579,582,585,587,591,593,596,599,602,604,607,610,613,615,616,620,623,627,630,633,636,639,642,645,647,649,651,654,657,659,660,663,667,669,672,676,678,681,684,687,690,694,696,699,702,705,708,711,713,716,719,722,725,727,729,730,733,737,740,743,746,749,750,752,754,758,762],{"type":324,"name":325,"callback":326,"priority":327,"file":328,"line":329},"action","admin_bar_menu","admin_bar",40,"includes\\admin\\class-wpsms-admin.php",25,{"type":324,"name":331,"callback":332,"file":328,"line":333},"dashboard_glance_items","dashboard_glance",26,{"type":335,"name":336,"callback":337,"priority":29,"file":328,"line":338},"filter","plugin_row_meta","meta_links",29,{"type":335,"name":340,"callback":341,"file":328,"line":342},"admin_body_class","modify_admin_body_classes",30,{"type":335,"name":344,"callback":345,"priority":346,"file":328,"line":347},"admin_footer_text","wpsms_custom_footer",999,31,{"type":335,"name":349,"callback":350,"priority":346,"file":328,"line":351},"update_footer","wpsms_update_footer",32,{"type":324,"name":353,"callback":354,"file":355,"line":356},"admin_init","register_settings","includes\\admin\\settings\\class-wpsms-settings.php",78,{"type":335,"name":358,"callback":359,"priority":234,"file":355,"line":360},"pre_update_option_wpsms_settings","updateGateWayVersion",87,{"type":324,"name":362,"callback":363,"file":364,"line":365},"rest_api_init","registerRoutes","includes\\api\\v1\\class-wpsms-api-addons.php",27,{"type":324,"name":362,"callback":363,"file":367,"line":368},"includes\\api\\v1\\class-wpsms-api-admin-notices.php",46,{"type":324,"name":362,"callback":370,"file":371,"line":372},"register_routes","includes\\api\\v1\\class-wpsms-api-credit.php",20,{"type":324,"name":362,"callback":363,"file":374,"line":329},"includes\\api\\v1\\class-wpsms-api-groups.php",{"type":324,"name":362,"callback":370,"file":376,"line":338},"includes\\api\\v1\\class-wpsms-api-newsletter.php",{"type":324,"name":362,"callback":363,"file":378,"line":379},"includes\\api\\v1\\class-wpsms-api-notifications.php",28,{"type":324,"name":362,"callback":363,"file":381,"line":333},"includes\\api\\v1\\class-wpsms-api-outbox.php",{"type":324,"name":362,"callback":363,"file":383,"line":365},"includes\\api\\v1\\class-wpsms-api-privacy.php",{"type":324,"name":362,"callback":370,"file":385,"line":386},"includes\\api\\v1\\class-wpsms-api-send.php",74,{"type":324,"name":362,"callback":363,"file":388,"line":389},"includes\\api\\v1\\class-wpsms-api-settings.php",56,{"type":324,"name":362,"callback":363,"file":391,"line":379},"includes\\api\\v1\\class-wpsms-api-subscribers.php",{"type":324,"name":362,"callback":370,"file":393,"line":394},"includes\\api\\v1\\class-wpsms-api-webhook.php",22,{"type":324,"name":325,"callback":326,"file":396,"line":397},"includes\\class-front.php",13,{"type":324,"name":399,"callback":400,"priority":401,"file":402,"line":403},"wp_enqueue_scripts","load_international_input",999999,"includes\\class-wpsms-features.php",19,{"type":324,"name":405,"callback":400,"priority":401,"file":402,"line":372},"admin_enqueue_scripts",{"type":324,"name":407,"callback":400,"priority":401,"file":402,"line":408},"login_enqueue_scripts",21,{"type":324,"name":410,"callback":411,"file":402,"line":412},"show_user_profile","anonymous",45,{"type":324,"name":414,"callback":411,"file":402,"line":368},"edit_user_profile",{"type":335,"name":416,"callback":417,"priority":234,"file":418,"line":419},"wp_sms_to","cleanNumbers","includes\\class-wpsms-gateway.php",206,{"type":335,"name":416,"callback":421,"priority":372,"file":418,"line":422},"applyCountryCode",211,{"type":335,"name":416,"callback":424,"priority":372,"file":418,"line":425},"sendOnlyLocalNumbers",216,{"type":335,"name":416,"callback":427,"file":418,"line":428},"modify_bulk_send",224,{"type":324,"name":430,"callback":431,"priority":234,"file":418,"line":432},"wp_sms_log_after_save","mail_admin_sms_stopped",227,{"type":324,"name":434,"callback":435,"file":418,"line":436},"wp_sms_after_gateway","closure",299,{"type":335,"name":438,"callback":435,"file":418,"line":439},"wp_sms_gateway_settings",312,{"type":324,"name":441,"callback":442,"priority":234,"file":443,"line":444},"wpmu_new_blog","add_table_on_create_blog","includes\\class-wpsms-install.php",18,{"type":335,"name":446,"callback":447,"file":443,"line":403},"wpmu_drop_tables","remove_table_on_delete_blog",{"type":324,"name":449,"callback":450,"file":443,"line":394},"plugins_loaded","plugin_upgrades",{"type":335,"name":452,"callback":453,"file":454,"line":455},"wpcf7_editor_panels","cf7_editor_panels","includes\\class-wpsms-integrations.php",23,{"type":324,"name":457,"callback":458,"file":454,"line":459},"wpcf7_after_save","wpcf7_save_form",24,{"type":324,"name":461,"callback":462,"file":454,"line":329},"wpcf7_before_send_mail","wpcf7_sms_handler",{"type":324,"name":464,"callback":465,"priority":372,"file":466,"line":329},"wp_loaded","unSubscriberNumberByUrlAction","includes\\class-wpsms-newsletter.php",{"type":324,"name":468,"callback":469,"file":470,"line":389},"init","handleCoreUpdateNotifications","includes\\class-wpsms-notifications.php",{"type":324,"name":472,"callback":473,"priority":234,"file":470,"line":27},"user_register","new_user",{"type":324,"name":475,"callback":476,"priority":477,"file":470,"line":14},"wp_insert_comment","new_comment",99,{"type":324,"name":479,"callback":480,"priority":477,"file":470,"line":481},"wp_login","login_user",115,{"type":324,"name":483,"callback":484,"file":470,"line":485},"add_meta_boxes","notification_meta_box",125,{"type":324,"name":487,"callback":488,"priority":234,"file":470,"line":489},"wp_insert_post","notify_subscribers_for_published_post",126,{"type":324,"name":491,"callback":492,"priority":234,"file":470,"line":493},"future_to_publish","handle_scheduled_post_published",127,{"type":324,"name":495,"callback":435,"priority":234,"file":470,"line":496},"transition_post_status",128,{"type":324,"name":495,"callback":498,"priority":234,"file":470,"line":499},"notify_author_for_published_post",142,{"type":324,"name":449,"callback":501,"file":502,"line":503},"plugin_setup","includes\\class-wpsms.php",57,{"type":324,"name":468,"callback":468,"file":502,"line":14},{"type":324,"name":468,"callback":435,"file":502,"line":506},195,{"type":335,"name":344,"callback":508,"priority":346,"file":509,"line":455},"modifyAdminFooterText","src\\Admin\\AdminManager.php",{"type":335,"name":349,"callback":511,"priority":346,"file":509,"line":459},"modifyAdminUpdateFooter",{"type":324,"name":513,"callback":514,"file":509,"line":338},"admin_notices","displayNotices",{"type":324,"name":353,"callback":516,"file":509,"line":342},"handleDismissNotice",{"type":324,"name":353,"callback":518,"file":509,"line":347},"handleGeneralNotices",{"type":335,"name":520,"callback":521,"file":522,"line":408},"cron_schedules","anonymizedUsageDataCronIntervalsHook","src\\Admin\\AnonymizedUsageData\\AnonymizedUsageDataManager.php",{"type":335,"name":524,"callback":525,"file":526,"line":527},"wp_sms_enable_upgrade_to_bundle","showUpgradeToBundle","src\\Admin\\LicenseManagement\\LicenseManagementManager.php",38,{"type":324,"name":468,"callback":529,"file":526,"line":530},"redirectOldLicenseUrlToNew",39,{"type":324,"name":468,"callback":532,"file":526,"line":533},"registerAjaxCallbacks",58,{"type":324,"name":353,"callback":535,"file":536,"line":48},"registerActions","src\\Admin\\Notification\\NotificationManager.php",{"type":335,"name":538,"callback":539,"file":540,"line":444},"debug_information","addSmsPluginInfo","src\\Admin\\SiteHealthInfo.php",{"type":335,"name":542,"callback":435,"file":543,"line":222},"wp_sms_send_sms_response","src\\BackgroundProcess\\SmsDispatcher.php",{"type":324,"name":468,"callback":545,"file":546,"line":547},"registerBlocks","src\\Blocks\\BlockAssetsManager.php",16,{"type":324,"name":549,"callback":550,"priority":234,"file":546,"line":48},"block_categories_all","registerPluginBlockCategory",{"type":324,"name":513,"callback":435,"file":546,"line":351},{"type":324,"name":353,"callback":553,"file":554,"line":455},"initStaticNotice","src\\Notice\\NoticeManager.php",{"type":324,"name":513,"callback":556,"file":554,"line":459},"displayStaticNotices",{"type":324,"name":513,"callback":558,"file":554,"line":365},"displayFlashNotices",{"type":324,"name":560,"callback":561,"file":554,"line":342},"wp_sms_pro_before_content_render","displayProNotice",{"type":324,"name":563,"callback":564,"file":554,"line":565},"wp_sms_woocommerce_pro_before_content_render","displayWoocommerceProLicenseNotice",33,{"type":324,"name":567,"callback":568,"file":554,"line":569},"wp_sms_two_way_before_content_render","displayTwoLicenseNotice",36,{"type":324,"name":571,"callback":568,"file":554,"line":572},"wp_sms_addon_two_way_before_content_render",37,{"type":324,"name":574,"callback":575,"file":554,"line":327},"wp_sms_addon_fluent_crm_before_content_render","displayFluentLicenseNotice",{"type":324,"name":577,"callback":575,"file":554,"line":578},"wp_sms_addon_fluent_forms_before_content_render",41,{"type":324,"name":580,"callback":575,"file":554,"line":581},"wp_sms_addon_fluent_support_before_content_render",42,{"type":324,"name":583,"callback":584,"file":554,"line":412},"wp_sms_addon_paid_membership_pro_before_content_render","displayMembershipLicenseNotice",{"type":324,"name":586,"callback":584,"file":554,"line":368},"wp_sms_addon_simple_membership_before_content_render",{"type":324,"name":588,"callback":589,"file":554,"line":590},"wp_sms_addon_booking_integrations_woo_bookings_before_content_render","displayBookingLicenseNotice",49,{"type":324,"name":592,"callback":589,"file":554,"line":274},"wp_sms_addon_booking_integrations_bookingpress_before_content_render",{"type":324,"name":594,"callback":589,"file":554,"line":595},"wp_sms_addon_booking_integrations_booking_calendar_before_content_render",51,{"type":324,"name":597,"callback":589,"file":554,"line":598},"wp_sms_addon_booking_integrations_woo_appointments_before_content_render",52,{"type":324,"name":405,"callback":600,"file":601,"line":394},"styles","src\\Service\\Assets\\Handlers\\AdminHandler.php",{"type":324,"name":405,"callback":603,"file":601,"line":455},"scripts",{"type":324,"name":405,"callback":605,"file":606,"line":408},"enqueue","src\\Service\\Assets\\Handlers\\DashboardHandler.php",{"type":335,"name":608,"callback":435,"priority":234,"file":606,"line":609},"script_loader_tag",146,{"type":324,"name":611,"callback":435,"file":606,"line":612},"admin_head",189,{"type":324,"name":399,"callback":600,"file":614,"line":459},"src\\Service\\Assets\\Handlers\\FrontendHandler.php",{"type":324,"name":399,"callback":603,"file":614,"line":329},{"type":324,"name":468,"callback":617,"file":618,"line":619},"registerSendReportCronJob","src\\Services\\CronJobs\\WeeklyReport.php",14,{"type":324,"name":621,"callback":622,"file":618,"line":28},"wp_sms_admin_email_report","generateReport",{"type":335,"name":624,"callback":625,"priority":342,"file":626,"line":403},"frm_pre_create_entry","pre_create","src\\Services\\Formidable\\Formidable.php",{"type":324,"name":628,"callback":629,"priority":342,"file":626,"line":372},"frm_after_create_entry","handle_sms",{"type":335,"name":631,"callback":435,"file":632,"line":444},"wp_sms_registered_integration_tabs","src\\Services\\Formidable\\FormidableManager.php",{"type":335,"name":634,"callback":635,"file":632,"line":394},"wp_sms_formidable_settings","setting_fields",{"type":335,"name":637,"callback":638,"priority":234,"file":632,"line":365},"frm_add_form_settings_section","frm_add_new_settings_tab",{"type":335,"name":640,"callback":641,"priority":372,"file":632,"line":379},"frm_form_options_before_update","frm_save_new_settings_tab",{"type":324,"name":643,"callback":629,"priority":234,"file":644,"line":48},"forminator_form_draft_after_save_entry","src\\Services\\Forminator\\Forminator.php",{"type":324,"name":646,"callback":629,"priority":234,"file":644,"line":444},"forminator_form_after_save_entry",{"type":335,"name":631,"callback":435,"file":648,"line":619},"src\\Services\\Forminator\\ForminatorManager.php",{"type":335,"name":650,"callback":635,"file":648,"line":403},"wp_sms_forminator_settings",{"type":324,"name":399,"callback":652,"file":653,"line":408},"enqueueScripts","src\\Services\\MessageButton\\MessageButtonManager.php",{"type":324,"name":655,"callback":656,"file":653,"line":394},"wp_footer","renderChatBox",{"type":324,"name":353,"callback":658,"file":653,"line":329},"initAdminPreview",{"type":324,"name":405,"callback":652,"file":653,"line":565},{"type":324,"name":661,"callback":656,"file":653,"line":662},"admin_footer",34,{"type":324,"name":664,"callback":665,"priority":234,"file":666,"line":619},"wp_sms_add_subscriber","welcomeMessageCallback","src\\Services\\Subscriber\\SubscriberManager.php",{"type":324,"name":668,"callback":665,"priority":234,"file":666,"line":28},"wp_sms_verify_subscriber",{"type":324,"name":483,"callback":670,"file":671,"line":547},"registerMetaBoxes","src\\Services\\WooCommerce\\OrderViewManager.php",{"type":335,"name":673,"callback":674,"file":675,"line":444},"wpsms_woocommerce_order_opt_in_notification","__return_true","src\\Services\\WooCommerce\\WooCommerceCheckout.php",{"type":324,"name":677,"callback":435,"file":675,"line":408},"woocommerce_init",{"type":324,"name":679,"callback":680,"priority":234,"file":675,"line":333},"woocommerce_set_additional_field_value","registerStoreCheckboxBlockBasedCallback",{"type":324,"name":682,"callback":683,"priority":234,"file":675,"line":342},"woocommerce_review_order_before_submit","registerCheckboxCallback",{"type":324,"name":685,"callback":686,"priority":234,"file":675,"line":347},"woocommerce_checkout_order_processed","registerStoreCheckboxCallback",{"type":324,"name":688,"callback":689,"file":675,"line":351},"woocommerce_admin_order_data_after_billing_address","registerOrderUpdateCheckbox",{"type":324,"name":691,"callback":692,"priority":234,"file":693,"line":403},"woocommerce_validate_additional_field","validateMobileNumberInCheckoutBlockBasedCallback","src\\User\\MobileFieldHandler\\WooCommerceAddMobileFieldHandler.php",{"type":324,"name":679,"callback":695,"priority":234,"file":693,"line":372},"updateMobileNumberAfterPlaceTheOrderBlockBased",{"type":335,"name":697,"callback":698,"file":693,"line":459},"woocommerce_billing_fields","registerFieldInBillingForm",{"type":324,"name":700,"callback":701,"file":693,"line":329},"woocommerce_after_save_address_validation","validateMobileNumberCallback",{"type":335,"name":703,"callback":704,"priority":234,"file":693,"line":379},"woocommerce_customer_meta_fields","registerFieldInAdminUserBillingForm",{"type":335,"name":706,"callback":707,"file":693,"line":347},"woocommerce_checkout_fields","registerFieldInCheckoutBillingForm",{"type":324,"name":709,"callback":710,"priority":234,"file":693,"line":351},"woocommerce_after_checkout_validation","validateMobileNumberInCheckoutCallback",{"type":324,"name":685,"callback":712,"priority":234,"file":693,"line":565},"updateMobileNumberAfterPlaceTheOrder",{"type":324,"name":714,"callback":715,"priority":234,"file":693,"line":569},"update_user_metadata","profilePhoneValidation",{"type":335,"name":717,"callback":718,"file":693,"line":530},"woocommerce_admin_billing_fields","registerFieldInAdminOrderBillingForm",{"type":324,"name":720,"callback":721,"priority":234,"file":693,"line":327},"woocommerce_process_shop_order_meta","updateCustomerMobileNumberAfterUpdateTheOrder",{"type":335,"name":706,"callback":723,"file":724,"line":619},"modifyBillingPhoneAttributes","src\\User\\MobileFieldHandler\\WooCommerceUsePhoneFieldHandler.php",{"type":335,"name":717,"callback":726,"file":724,"line":28},"modifyAdminBillingPhoneAttributes",{"type":335,"name":703,"callback":728,"file":724,"line":547},"modifyAdminCustomerMetaBillingPhoneAttributes",{"type":324,"name":714,"callback":715,"priority":234,"file":724,"line":444},{"type":335,"name":731,"callback":732,"file":724,"line":403},"woocommerce_checkout_posted_data","cleanUpTheNumber",{"type":324,"name":734,"callback":735,"file":736,"line":619},"user_new_form","add_mobile_field_to_newuser_form","src\\User\\MobileFieldHandler\\WordPressMobileFieldHandler.php",{"type":335,"name":738,"callback":739,"priority":234,"file":736,"line":28},"wp_sms_user_profile_fields","add_mobile_field_to_profile_form",{"type":324,"name":741,"callback":742,"file":736,"line":48},"register_form","add_mobile_field_to_register_form",{"type":335,"name":744,"callback":745,"priority":234,"file":736,"line":444},"registration_errors","frontend_registration_errors",{"type":324,"name":747,"callback":748,"priority":234,"file":736,"line":372},"user_profile_update_errors","profilePhoneValidationError",{"type":324,"name":714,"callback":715,"priority":234,"file":736,"line":408},{"type":324,"name":472,"callback":751,"priority":401,"file":736,"line":455},"updateMobileNumberCallback",{"type":324,"name":753,"callback":751,"file":736,"line":459},"profile_update",{"type":335,"name":755,"callback":756,"file":757,"line":581},"wp_send_new_user_notification_to_user","__return_false","src\\User\\RegisterUserViaPhone.php",{"type":324,"name":759,"callback":760,"priority":372,"file":761,"line":333},"admin_menu","registerMenus","src\\Utils\\MenuUtil.php",{"type":324,"name":763,"callback":435,"file":764,"line":765},"wp_dashboard_setup","src\\Widget\\AbstractWidget.php",69,[],[],[769],{"tag":770,"callback":771,"file":772,"line":397},"wp_sms_subscriber_form","registerSubscriberShortcodeCallback","src\\Shortcode\\SubscriberShortcode.php",[774],{"hook":621,"callback":621,"file":618,"line":775},47,{"dangerousFunctions":777,"sqlUsage":787,"outputEscaping":848,"fileOperations":234,"externalRequests":954,"nonceChecks":63,"capabilityChecks":916,"bundledLibraries":955},[778,783],{"fn":779,"file":780,"line":781,"context":782},"unserialize","includes\\functions.php",118,"$allMedia = unserialize($media);",{"fn":779,"file":784,"line":785,"context":786},"src\\Notification\\Handler\\SubscriberNotification.php",54,"return implode(', ', unserialize($this->subscriber->custom_fields));",{"prepared":788,"raw":365,"locations":789},136,[790,793,795,797,799,801,803,804,807,809,811,812,814,816,818,820,822,824,826,828,831,833,836,838,840,842,845],{"file":328,"line":791,"context":792},103,"$wpdb->get_var() with variable interpolation",{"file":391,"line":794,"context":792},353,{"file":391,"line":796,"context":792},356,{"file":443,"line":572,"context":798},"$wpdb->get_col() with variable interpolation",{"file":443,"line":800,"context":792},77,{"file":443,"line":802,"context":792},93,{"file":443,"line":791,"context":792},{"file":443,"line":805,"context":806},170,"$wpdb->query() with variable interpolation",{"file":443,"line":808,"context":806},174,{"file":443,"line":810,"context":806},188,{"file":443,"line":170,"context":806},{"file":443,"line":813,"context":806},212,{"file":443,"line":815,"context":792},218,{"file":443,"line":817,"context":806},219,{"file":443,"line":819,"context":792},242,{"file":443,"line":821,"context":806},243,{"file":443,"line":823,"context":792},293,{"file":443,"line":825,"context":792},317,{"file":466,"line":827,"context":806},659,{"file":470,"line":829,"context":830},249,"$wpdb->get_results() with variable interpolation",{"file":470,"line":832,"context":806},250,{"file":834,"line":835,"context":792},"src\\Admin\\Dashboard.php",400,{"file":834,"line":837,"context":792},411,{"file":834,"line":839,"context":792},427,{"file":841,"line":412,"context":798},"src\\Components\\DBUtil.php",{"file":843,"line":844,"context":798},"src\\Helper.php",331,{"file":846,"line":847,"context":798},"src\\Utils\\DBUtil.php",43,{"escaped":849,"rawEcho":389,"locations":850},594,[851,854,856,858,860,862,864,866,868,870,872,874,876,878,880,882,884,886,888,890,892,894,896,898,900,902,904,905,907,909,911,914,917,919,920,921,923,925,927,928,930,931,932,934,936,938,940,942,944,945,946,947,948,949,951,953],{"file":852,"line":408,"context":853},"includes\\admin\\class-wpsms-admin-helper.php","raw output",{"file":328,"line":855,"context":853},107,{"file":328,"line":857,"context":853},110,{"file":355,"line":859,"context":853},1344,{"file":355,"line":861,"context":853},1361,{"file":355,"line":863,"context":853},1366,{"file":355,"line":865,"context":853},1367,{"file":355,"line":867,"context":853},1372,{"file":355,"line":869,"context":853},1379,{"file":355,"line":871,"context":853},1394,{"file":355,"line":873,"context":853},1411,{"file":355,"line":875,"context":853},1425,{"file":355,"line":877,"context":853},1442,{"file":355,"line":879,"context":853},1454,{"file":355,"line":881,"context":853},1468,{"file":355,"line":883,"context":853},1499,{"file":355,"line":885,"context":853},1528,{"file":355,"line":887,"context":853},1555,{"file":355,"line":889,"context":853},1591,{"file":355,"line":891,"context":853},1623,{"file":355,"line":893,"context":853},1644,{"file":355,"line":895,"context":853},1667,{"file":355,"line":897,"context":853},1688,{"file":355,"line":899,"context":853},1702,{"file":355,"line":901,"context":853},1771,{"file":355,"line":903,"context":853},1832,{"file":402,"line":581,"context":853},{"file":454,"line":906,"context":853},60,{"file":470,"line":908,"context":853},265,{"file":780,"line":910,"context":853},275,{"file":912,"line":913,"context":853},"includes\\templates\\admin\\notice.php",6,{"file":915,"line":916,"context":853},"includes\\templates\\admin\\subscriber-form.php",35,{"file":918,"line":913,"context":853},"includes\\templates\\email\\default.php",{"file":918,"line":368,"context":853},{"file":918,"line":775,"context":853},{"file":922,"line":76,"context":853},"includes\\templates\\email\\partials\\report-data.php",{"file":924,"line":347,"context":853},"includes\\templates\\meta-box.php",{"file":924,"line":926,"context":853},67,{"file":924,"line":360,"context":853},{"file":929,"line":572,"context":853},"includes\\templates\\wpcf7-form.php",{"file":834,"line":609,"context":853},{"file":546,"line":662,"context":853},{"file":933,"line":403,"context":853},"src\\Controller\\GroupFormAjax.php",{"file":935,"line":455,"context":853},"src\\Controller\\SubscriberFormAjax.php",{"file":843,"line":937,"context":853},549,{"file":632,"line":939,"context":853},83,{"file":941,"line":351,"context":853},"src\\Services\\MessageButton\\ChatBox.php",{"file":671,"line":943,"context":853},75,{"file":675,"line":581,"context":853},{"file":675,"line":412,"context":853},{"file":675,"line":775,"context":853},{"file":736,"line":578,"context":853},{"file":736,"line":224,"context":853},{"file":950,"line":662,"context":853},"src\\Widget\\Widgets\\StatsWidget.php",{"file":952,"line":63,"context":853},"views\\components\\notices\\action-notice.php",{"file":952,"line":459,"context":853},91,[956],{"name":957,"version":38,"knownCves":958},"Select2",[],[960,986,997,1016,1028],{"entryPoint":961,"graph":962,"unsanitizedCount":984,"severity":985},"wpcf7_save_form (includes\\class-wpsms-integrations.php:63)",{"nodes":963,"edges":980},[964,969,974,978],{"id":965,"type":966,"label":967,"file":454,"line":968},"n0","source","$_POST['wpcf7-sms']",65,{"id":970,"type":971,"label":972,"file":454,"line":968,"wp_function":973},"n1","sink","update_option() [Settings Manipulation]","update_option",{"id":975,"type":966,"label":976,"file":454,"line":977},"n2","$_POST['wpcf7-sms-form']",66,{"id":979,"type":971,"label":972,"file":454,"line":977,"wp_function":973},"n3",[981,983],{"from":965,"to":970,"sanitized":982},false,{"from":975,"to":979,"sanitized":982},2,"low",{"entryPoint":987,"graph":988,"unsanitizedCount":984,"severity":985},"\u003Cclass-wpsms-integrations> (includes\\class-wpsms-integrations.php:0)",{"nodes":989,"edges":994},[990,991,992,993],{"id":965,"type":966,"label":967,"file":454,"line":968},{"id":970,"type":971,"label":972,"file":454,"line":968,"wp_function":973},{"id":975,"type":966,"label":976,"file":454,"line":977},{"id":979,"type":971,"label":972,"file":454,"line":977,"wp_function":973},[995,996],{"from":965,"to":970,"sanitized":982},{"from":975,"to":979,"sanitized":982},{"entryPoint":998,"graph":999,"unsanitizedCount":29,"severity":985},"\u003Cclass-wpsms-newsletter> (includes\\class-wpsms-newsletter.php:0)",{"nodes":1000,"edges":1012},[1001,1003,1006,1008],{"id":965,"type":966,"label":1002,"file":466,"line":943},"$_REQUEST",{"id":970,"type":971,"label":1004,"file":466,"line":506,"wp_function":1005},"get_row() [SQLi]","get_row",{"id":975,"type":966,"label":1007,"file":466,"line":943},"$_REQUEST (x2)",{"id":979,"type":971,"label":1009,"file":466,"line":1010,"wp_function":1011},"get_results() [SQLi]",201,"get_results",[1013,1015],{"from":965,"to":970,"sanitized":1014},true,{"from":975,"to":979,"sanitized":1014},{"entryPoint":1017,"graph":1018,"unsanitizedCount":29,"severity":985},"action (src\\Notice\\AbstractNotice.php:18)",{"nodes":1019,"edges":1026},[1020,1023],{"id":965,"type":966,"label":1021,"file":1022,"line":365},"$_SERVER['HTTP_REFERER']","src\\Notice\\AbstractNotice.php",{"id":970,"type":971,"label":1024,"file":1022,"line":365,"wp_function":1025},"wp_redirect() [Open Redirect]","wp_redirect",[1027],{"from":965,"to":970,"sanitized":1014},{"entryPoint":1029,"graph":1030,"unsanitizedCount":29,"severity":985},"\u003CAbstractNotice> (src\\Notice\\AbstractNotice.php:0)",{"nodes":1031,"edges":1034},[1032,1033],{"id":965,"type":966,"label":1021,"file":1022,"line":365},{"id":970,"type":971,"label":1024,"file":1022,"line":365,"wp_function":1025},[1035],{"from":965,"to":970,"sanitized":1014},{"summary":1037,"deductions":1038},"The \"wp-sms\" v7.2 plugin exhibits a mixed security posture. While the static analysis reveals a relatively small attack surface with no apparent unprotected entry points and a high percentage of SQL queries using prepared statements and properly escaped output, there are underlying concerns. The presence of two instances of the `unserialize` function is a significant red flag, as it can lead to remote code execution if not handled with extreme caution and proper input sanitization. Furthermore, the vulnerability history is concerning, with a total of 15 known medium-severity CVEs. The pattern of past vulnerabilities, including Missing Authorization, CSRF, SQL Injection, XSS, and Information Exposure, suggests a history of significant security weaknesses that require ongoing vigilance. The fact that the last vulnerability was in 2026-02-10 is peculiar given typical vulnerability timelines and might indicate an error in the provided data, but if accurate, it suggests recent attention to patching. The plugin's strengths lie in its defensive coding practices like extensive capability checks and proper output escaping for the most part, but the historical CVEs and the use of `unserialize` introduce notable risks that cannot be overlooked.",[1039,1041,1043],{"reason":1040,"points":234},"Dangerous function: unserialize used",{"reason":1042,"points":28},"Vulnerability history: 15 medium CVEs",{"reason":1044,"points":1045},"Flows with unsanitized paths",5,"2026-03-16T17:54:30.230Z",{"wat":1048,"direct":1061},{"assetPaths":1049,"generatorPatterns":1054,"scriptPaths":1055,"versionParams":1056},[1050,1051,1052,1053],"\u002Fwp-content\u002Fplugins\u002Fwp-sms\u002Fpublic\u002Fcss\u002FintlTelInput.min.css","\u002Fwp-content\u002Fplugins\u002Fwp-sms\u002Fpublic\u002Fjs\u002Fintel\u002FintlTelInput.min.js","\u002Fwp-content\u002Fplugins\u002Fwp-sms\u002Fpublic\u002Fjs\u002Fintel\u002Fintel-script.js","\u002Fwp-content\u002Fplugins\u002Fwp-sms\u002Fpublic\u002Fjs\u002Fintel\u002Futils.js",[],[1052],[1057,1058,1059,1060],"wp-sms\u002Fpublic\u002Fcss\u002FintlTelInput.min.css?ver=","wp-sms\u002Fpublic\u002Fjs\u002Fintel\u002FintlTelInput.min.js?ver=","wp-sms\u002Fpublic\u002Fjs\u002Fintel\u002Fintel-script.js?ver=","wp-sms\u002Fpublic\u002Fjs\u002Fintel\u002Futils.js?ver=",{"cssClasses":1062,"htmlComments":1071,"htmlAttributes":1074,"restEndpoints":1076,"jsGlobals":1084,"shortcodeOutput":1086},[1063,1064,1065,1066,1067,1068,1069,1070],"iti__flag","iti__selected-flag","iti__arrow","iti__country-list","iti__country","iti__dial-code","iti__responsive-flag","wpsms-user-profile-fields",[1072,1073],"\u003C!-- WP SMS User Profile Fields -->","\u003C!-- WP SMS Newsletter Form -->",[1075],"data-intl-tel-input-id",[1077,1078,1079,1080,1081,1082,1083],"\u002Fwp-json\u002Fwp-sms\u002Fv1\u002Fsettings","\u002Fwp-json\u002Fwp-sms\u002Fv1\u002Fgateway","\u002Fwp-json\u002Fwp-sms\u002Fv1\u002Fgateways","\u002Fwp-json\u002Fwp-sms\u002Fv1\u002Fsubscribers","\u002Fwp-json\u002Fwp-sms\u002Fv1\u002Ftemplate","\u002Fwp-json\u002Fwp-sms\u002Fv1\u002Ftemplates","\u002Fwp-json\u002Fwp-sms\u002Fv1\u002Fsend",[1085],"wp_sms_intel_tel_input",[1087,1088,1089,1090,1091,1092],"[wp_sms_subscriber_form]","[wp_sms_gateway_form]","[wp_sms_template_form]","[wp_sms_test_sms_form]","[wp_sms_sender_id_form]","[wp_sms_settings_form]"]