Lucene search
+L

29 matches found

patchstack
patchstack
added 2025/11/20 10:1 p.m.9 views

WordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin <= 3.3.0 - Missing Authorization to Authenitcated (Subscriber+) to Scheduled Trigger Deletion vulnerability

Missing Authorization to Authenitcated Subscriber+ to Scheduled Trigger Deletion vulnerability discovered by Legion Hunter in WordPress Plugin ELEX WordPress HelpDesk & Customer Ticketing System versions = 3.3.0...

4.3CVSS7AI score0.00168EPSS
Exploits0References1Affected Software1
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-16387

Malicious code in bioql PyPI...

8.8CVSS9AI score0.00628EPSS
Exploits0References4
cve
cve
added 2025/09/22 6:24 p.m.11 views

CVE-2025-57972

CVE-2025-57972 affects the WordPress plugin Helpdesk Support Ticket System for WooCommerce (

4.3CVSS5.9AI score0.0023EPSS
Exploits0References1
cve
cve
added 2025/04/05 1:44 a.m.48 views

CVE-2024-13604

CVE-2024-13604 affects KB Support – Customer Support Ticket & Knowledge Base Plugin for WordPress. It enables unauthenticated attackers to access the /wp-content/uploads/kbs directory and exfiltrate sensitive data (including ticket attachments) via a Unauthenticated Sensitive Information Exposure...

7.5CVSS7.4AI score0.00446EPSS
Exploits0References3
nvd
nvd
added 2025/03/01 5:15 a.m.13 views

CVE-2024-13568

The Fluent Support – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.5 via the 'fluent-support' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored...

7.5CVSS0.00399EPSS
Exploits0References2
cvelist
cvelist
added 2025/02/01 3:21 a.m.20 views

CVE-2024-12171 ELEX WordPress HelpDesk & Customer Ticketing System <= 3.2.6 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the 'ehcrmagentadduser' AJAX action in all versions up to, and including, 3.2.6. This makes it possible for authenticated attackers, with...

8.8CVSS0.00483EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2025/01/15 12:0 a.m.5 views

PT-2025-4682 · WordPress · Wordpress Helpdesk & Support Ticket System Plugin – Octrace Support

Name of the Vulnerable Software and Affected Versions: Octrace Studio WordPress HelpDesk & Support Ticket System Plugin – Octrace Support versions 1.2.7 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows stored Cross-site...

5.9CVSS9AI score0.00223EPSS
Exploits0References5
patchstack
patchstack
added 2022/02/28 12:0 a.m.9 views

WordPress Kanzu Support Desk – WordPress Helpdesk Plugin plugin <= 2.4.7 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Kanzu Support Desk – WordPress Helpdesk Plugin plugin versions = 2.4.7. Solution No patched version available...

1.4AI score
Exploits0References2Affected Software1
patchstack
patchstack
added 2022/02/28 12:0 a.m.10 views

WordPress Kanzu Support Desk – WordPress Helpdesk Plugin plugin <= 2.4.7 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Kanzu Support Desk – WordPress Helpdesk Plugin plugin versions = 2.4.7. Solution No patched version available...

3AI score
Exploits0References2Affected Software1
Rows per page
Query Builder