PT-2026-31110

Name of the Vulnerable Software and Affected Versions The Awesome Support – WordPress HelpDesk & Support Plugin versions up to and including 6.3.7 Description The Awesome Support – WordPress HelpDesk & Support Plugin is susceptible to an Insecure Direct Object Reference issue. The wpas get ticket...

WordPress Awesome Support - WordPress HelpDesk & Support Plugin plugin <= 6.3.6 - Missing Authorization to Unauthenticated Role Demotion vulnerability

WordPress Awesome Support - WordPress HelpDesk & Support Plugin plugin = 6.3.6 - Missing Authorization to Unauthenticated Role Demotion vulnerability discovered by shark3y in WordPress Plugin Awesome Support versions = 6.3.6...

EUVD-2015-9158

Malware in sbrugna...

EUVD-2022-6922

Malicious code in bioql PyPI...

CVE-2025-53340

CVE-2025-53340 affects the WordPress plugin Awesome Support. Public docs describe a Missing Authorization vulnerability in Awesome Support, impacting versions up to 6.3.4 (per CVE entry). Related sources indicate this is an information exposure issue with medium base severity (CVSS 3.1/3.1 base 5...

CVE-2025-53340 WordPress Awesome Support plugin <= 6.3.6 - Sensitive Data Exposure vulnerability

Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Retrieve Embedded Sensitive Data.This issue affects Awesome Support: from n/a through = 6.3.6...

WordPress Awesome Support plugin <= 6.3.6 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Awesome Support versions = 6.3.6...

CVE-2023-51538

Cross-Site Request Forgery CSRF vulnerability in Awesome Support Team Awesome Support – WordPress HelpDesk & Support Plugin.This issue affects Awesome Support – WordPress HelpDesk & Support Plugin: from n/a through 6.1.5...

CVE-2023-48323

Cross-Site Request Forgery CSRF vulnerability in Awesome Support Team Awesome Support – WordPress HelpDesk & Support Plugin allows Cross Site Request Forgery.This issue affects Awesome Support – WordPress HelpDesk & Support Plugin: from n/a through 6.1.4...

CVE-2023-5355

The Awesome Support WordPress plugin before 6.1.5 does not sanitize file paths when deleting temporary attachment files, allowing a ticket submitter to delete arbitrary files on the server...

CVE-2023-5352

The Awesome Support WordPress plugin before 6.1.5 does not correctly authorize the wpaseditreply function, allowing users to edit posts for which they do not have permission...

CVE-2022-3511

The Awesome Support WordPress plugin before 6.1.2 does not ensure that the exported tickets archive to be downloaded belongs to the user making the request, allowing a low privileged user, such as subscriber to download arbitrary exported tickets via an IDOR vector...

CVE-2019-20181

The awesome-support plugin 5.8.0 for WordPress allows XSS via the posttitle parameter...

CVE-2015-9317

The awesome-support plugin before 3.1.7 for WordPress has XSS via custom information messages...

CVE-2015-9318

The awesome-support plugin before 3.1.7 for WordPress has a security issue in which shortcodes are allowed in replies...

CVE-2024-13567

The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.3.1 via the 'awesome-support' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored...

CVE-2024-13567

CVE-2024-13567 affects the Awesome Support – WordPress HelpDesk & Support Plugin for WordPress. All versions up to and including 6.3.1 expose sensitive information via the /wp-content/uploads/awesome-support directory, allowing unauthenticated attackers to harvest attachments from ticket data. Th...

PT-2025-14027 · WordPress · Awesome Support

Name of the Vulnerable Software and Affected Versions: The Awesome Support – WordPress HelpDesk & Support Plugin versions up to, and including, 6.3.1 Description: The issue allows unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads/awesome-support...

CVE-2024-0594

The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to union-based SQL Injection via the 'q' parameter of the wpasgetusers action in all versions up to, and including, 6.1.7 due to insufficient escaping on the user supplied parameter and lack of sufficient...

CVE-2024-54289 WordPress Awesome Support plugin <= 6.3.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through = 6.3.1...