WordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin <= 3.3.0 - Missing Authorization to Authenitcated (Subscriber+) to Scheduled Trigger Deletion vulnerability

Missing Authorization to Authenitcated Subscriber+ to Scheduled Trigger Deletion vulnerability discovered by Legion Hunter in WordPress Plugin ELEX WordPress HelpDesk & Customer Ticketing System versions = 3.3.0...

EUVD-2024-16387

Malicious code in bioql PyPI...

CVE-2025-57972

CVE-2025-57972 affects the WordPress plugin Helpdesk Support Ticket System for WooCommerce (

CVE-2024-13604

CVE-2024-13604 affects KB Support – Customer Support Ticket & Knowledge Base Plugin for WordPress. It enables unauthenticated attackers to access the /wp-content/uploads/kbs directory and exfiltrate sensitive data (including ticket attachments) via a Unauthenticated Sensitive Information Exposure...

CVE-2024-13568

The Fluent Support – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.5 via the 'fluent-support' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored...

CVE-2024-12171 ELEX WordPress HelpDesk & Customer Ticketing System <= 3.2.6 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the 'ehcrmagentadduser' AJAX action in all versions up to, and including, 3.2.6. This makes it possible for authenticated attackers, with...

PT-2025-4682 · WordPress · Wordpress Helpdesk & Support Ticket System Plugin – Octrace Support

Name of the Vulnerable Software and Affected Versions: Octrace Studio WordPress HelpDesk & Support Ticket System Plugin – Octrace Support versions 1.2.7 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows stored Cross-site...

WordPress Kanzu Support Desk – WordPress Helpdesk Plugin plugin <= 2.4.7 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Kanzu Support Desk – WordPress Helpdesk Plugin plugin versions = 2.4.7. Solution No patched version available...

WordPress Kanzu Support Desk – WordPress Helpdesk Plugin plugin <= 2.4.7 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Kanzu Support Desk – WordPress Helpdesk Plugin plugin versions = 2.4.7. Solution No patched version available...