SMS Alert Order Notifications – WooCommerce

Authenticated (Subscriber+) Privilege Escalation via handleWpLoginCreateUserAction Function vulnerability <= 3.8.1

Authenticated (Contributor+) Stored CrossSite Scripting via sa_verify Shortcode vulnerability <= 3.8.1

SQL Injection Vulnerability <= 3.8.1

Unauthenticated Account Takeover/Privilege Escalation vulnerability <= 3.7.9

SQL Injection vulnerability <= 3.7.8