CVE Catalog
CVE-2026-40790
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk0.33%
24th percentile — higher than 24% of all known CVEs
Summary
There is a vulnerability in WP SMS versions up to 7.2.1 that exposes sensitive subscriber data.
Risk Assessment
Organizations may be at risk of leaking personal data of subscribers, which can lead to privacy breaches and loss of customer trust.
Recommendation
It is recommended to update the WP SMS plugin to the latest version to mitigate this vulnerability.
Original NVD description (English source)
Subscriber Sensitive Data Exposure in WP SMS <= 7.2.1 versions.

