Vulnerabilities > Veronalabs > Low

DATE CVE VULNERABILITY TITLE RISK
2021-08-23 CVE-2021-24561 Cross-site Scripting vulnerability in Veronalabs WP SMS
The WP SMS WordPress plugin before 5.4.13 does not sanitise the "wp_group_name" parameter before outputting it back in the "Groups" page, leading to an Authenticated Stored Cross-Site Scripting issue
network
veronalabs CWE-79
3.5
3.5
2019-06-03 CVE-2019-12566 Cross-site Scripting vulnerability in Veronalabs WP Statistics
The WP Statistics plugin through 12.6.5 for Wordpress has stored XSS in includes/class-wp-statistics-pages.php.
network
veronalabs CWE-79
3.5
3.5