CVE-2026-25343

216.73.217.22

· Published 19/02/2026 09:16 · Modified 20/02/2026 17:25

Labels: CVE-2026-25343 2026-02-19 CVE-2026-25343 CWE-79 [email protected]

Essential information

Published: 19/02/2026 09:16
Modified: 20/02/2026 17:25
Author: —
Creator: —
CVSS: 5.9 MEDIUM (v3.1)
CISA KEV: No
CWE: —
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

CVSS metrics

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VeronaLabs WP SMS wp-sms allows DOM-Based XSS.This issue affects WP SMS: from n/a through <= 7.1.

NVD status

Status: Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
veronalabs / wp sms	`cpe:2.3:a:veronalabs:wp_sms::::::::`