CVE-2026-28136

Publication date

2026-02-26 08:33:36

Family

Patchstack

State

PUBLISHED

Description

Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) vulnerability in VeronaLabs WP SMS wp-sms allows SQL Injection.This issue affects WP SMS: from n/a through <= 6.9.12.