CVE-2026-28136 | VeronaLabs WP SMS Plugin up to 6.9.12 on WordPress sql injection

February 26, 2026 Yanac

A vulnerability classified as critical has been found in VeronaLabs WP SMS Plugin up to 6.9.12 on WordPress. The affected element is an unknown function. The manipulation leads to sql injection.

This vulnerability is traded as CVE-2026-28136. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More