CVE-2026-39593 WordPress HAPPY plugin <= 1.0.10 - Broken Access Control vulnerability

Missing Authorization vulnerability in VillaTheme HAPPY allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects HAPPY: from n/a through 1.0.10...

WordPress plugin HAPPY 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

WordPress HAPPY plugin <= 1.0.10 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin HAPPY versions = 1.0.10...

CVE-2025-67977

CVE-2025-67977 describes a Missing Authorization vulnerability in the WordPress plugin “HAPPY – Helpdesk Support Ticket System” (versions up to and including 1.0.8). According to Red Hat/NVD/CVE records, the flaw is a Broken Access Control via incorrectly configured access levels, enabling unauth...

CVE-2025-67977 WordPress HAPPY plugin <= 1.0.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HAPPY: from n/a through = 1.0.8...

CVE-2025-67977 WordPress HAPPY plugin <= 1.0.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HAPPY: from n/a through = 1.0.8...

WordPress plugin HAPPY 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

WordPress HAPPY plugin <= 1.0.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin HAPPY versions = 1.0.8...

WordPress HAPPY plugin missing authorization vulnerability

WordPress HAPPY plugin is a feature extension plugin for Elementor page builder. A lack of authorization vulnerability exists in WordPress HAPPY plugin, which can be exploited by an attacker to cause the exploitation of a misconfigured access control security level...

CVE-2025-68556

CVE-2025-68556 concerns the WordPress package VillaTheme HAPPY plugin . Multiple sources describe a Missing Authorization / Broken Access Control vulnerability in HAPPY versions up to and including 1.0.9 , caused by an incorrectly configured access control security level. The impact is described ...

CVE-2025-68556 WordPress HAPPY plugin <= 1.0.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in VillaTheme HAPPY allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HAPPY: from n/a through 1.0.9...

CVE-2025-68556 WordPress HAPPY plugin <= 1.0.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HAPPY: from n/a through = 1.0.9...

WordPress HAPPY plugin <= 1.0.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by benzdeus in WordPress Plugin HAPPY versions = 1.0.9...

WordPress plugin HAPPY 安全漏洞

WordPress HAPPY plugin is a feature extension plugin for Elementor page builder. A lack of authorization vulnerability exists in WordPress HAPPY plugin, which can be exploited by an attacker to cause the exploitation of a misconfigured access control security level...

CVE-2025-14581 HAPPY – Helpdesk Support Ticket System <= 1.0.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Ticket Reply

The HAPPY – Helpdesk Support Ticket System plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the 'submitformreply' AJAX action in all versions up to, and including, 1.0.9. This makes it possible for authenticated attackers, with Subscriber-level acces...

CVE-2025-14581 HAPPY – Helpdesk Support Ticket System <= 1.0.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Ticket Reply

The HAPPY – Helpdesk Support Ticket System plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the 'submitformreply' AJAX action in all versions up to, and including, 1.0.9. This makes it possible for authenticated attackers, with Subscriber-level acces...

WordPress HAPPY – Helpdesk Support Ticket System plugin <= 1.0.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Ticket Reply vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Ticket Reply vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin HAPPY versions = 1.0.9...

CVE-2025-49372 WordPress HAPPY plugin <= 1.0.7 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Remote Code Inclusion.This issue affects HAPPY: from n/a through = 1.0.7...

CVE-2025-49372 WordPress HAPPY plugin <= 1.0.7 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Remote Code Inclusion.This issue affects HAPPY: from n/a through = 1.0.7...

CVE-2025-49372

CVE-2025-49372 is an unauthenticated remote code execution in WordPress HAPPY plugin &lt;= 1.0.7 (VillaTheme HAPPY happy-helpdesk-support-ticket-system) caused by Improper Control of Generation of Code (Code Injection) leading to Remote Code Inclusion. Red Hat and NVD entries corroborate the same...