CVE-2026-11590

The WP Support Plus Responsive Ticket System WordPress plugin up to version 9.1.2 is affected by an SQL injection vulnerability caused by not sanitizing user-supplied array keys before using them in a SQL statement. This allows unauthenticated attackers to exploit the flaw (via the filter[element...