A critical vulnerability was discovered in the SMS Alert Order Notifications plugin, allowing for subscriber privilege escalation. This issue, tracked as CVE-2026-54803, has a CVSS score of 9.8 and was published on June 17, 2026. The vulnerability affects versions up to 3.9.4 and allows attackers to escalate privileges due to inadequate access controls. Organizations using this plugin should take immediat [truncated]
HIGHCozy Vision Technologies Pvt. Ltd.CVE published 2026-06-17
CVE-2026-54802 is a HIGH-severity vulnerability (CVSS Score: 7.5) affecting the SMS Alert Order Notifications plugin up to version 3.9.3. This vulnerability allows unauthenticated attackers to bypass authentication due to broken authentication mechanisms. Successful exploitation could enable attackers to access sensitive information. The vulnerability was published on June 17, 2026, and immediately gained [truncated]
