3 matches found
CVE-2025-14581
The HAPPY – Helpdesk Support Ticket System plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the 'submitformreply' AJAX action in all versions up to, and including, 1.0.9. This makes it possible for authenticated attackers, with Subscriber-level acces...
CVE-2025-14581
creationtimestamp| type| source ---|---|--- 2025-12-13 07:27:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m7u3blmegx2e...
WordPress HAPPY – Helpdesk Support Ticket System plugin <= 1.0.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Ticket Reply vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Ticket Reply vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin HAPPY versions = 1.0.9...