63 matches found
CVE-2026-32522
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in vanquish WooCommerce Support Ticket System woocommerce-support-ticket-system allows Path Traversal.This issue affects WooCommerce Support Ticket System: from n/a through 18.5...
EUVD-2026-15886
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in vanquish WooCommerce Support Ticket System woocommerce-support-ticket-system allows Path Traversal.This issue affects WooCommerce Support Ticket System: from n/a through 18.5...
CVE-2026-32522
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in vanquish WooCommerce Support Ticket System woocommerce-support-ticket-system allows Path Traversal.This issue affects WooCommerce Support Ticket System: from n/a through 18.5...
CVE-2026-32522 WordPress WooCommerce Support Ticket System plugin < 18.5 - Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in vanquish WooCommerce Support Ticket System woocommerce-support-ticket-system allows Path Traversal.This issue affects WooCommerce Support Ticket System: from n/a through 18.5...
PT-2026-28036
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in vanquish WooCommerce Support Ticket System woocommerce-support-ticket-system allows Path Traversal.This issue affects WooCommerce Support Ticket System: from n/a through 18.5...
WordPress Helpdesk Support Ticket System for WooCommerce plugin <= 2.1.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by daroo in WordPress Plugin Helpdesk Support Ticket System for WooCommerce versions = 2.1.2...
WordPress WooCommerce Support Ticket System plugin < 18.5 - Arbitrary File Deletion vulnerability
Arbitrary File Deletion vulnerability discovered by Phat RiO in WordPress Plugin WooCommerce Support Ticket System versions 18.5...
CVE-2026-24959
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in JoomSky JS Help Desk js-support-ticket allows Blind SQL Injection.This issue affects JS Help Desk: from n/a through = 3.0.1...
WordPress WooCommerce Support Ticket System plugin <= 17.7 - Authenticated (Subscriber+) Arbitrary File Deletion vulnerability
Authenticated Subscriber+ Arbitrary File Deletion vulnerability discovered by Tonn in WordPress Plugin WooCommerce Support Ticket System versions = 17.7...
EUVD-2025-38109
Unrestricted Upload of File with Dangerous Type vulnerability in Plugify Helpdesk Support Ticket System for WooCommerce support-ticket-system-for-woocommerce allows Using Malicious Files.This issue affects Helpdesk Support Ticket System for WooCommerce: from n/a through = 2.1.0...
EUVD-2024-52885
Malicious code in bioql PyPI...
EUVD-2022-39101
Malicious code in bioql PyPI...
CVE-2024-55985
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ydesignservices YDS Support Ticket System yds-support-ticket-system allows SQL Injection.This issue affects YDS Support Ticket System: from n/a through = 1.0...
WordPress WooCommerce Support Ticket System plugin <= 17.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion and Information Exposure vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Post Deletion and Information Exposure vulnerability discovered by Lucio Sá in WordPress Plugin WooCommerce Support Ticket System versions = 17.8...
CVE-2024-13775
The WooCommerce Support Ticket System plugin for WordPress is vulnerable to unauthorized access and loss of data due to missing capability checks on the 'ajaxdeletemessage', 'ajaxgetcustomerspartiallist', and 'ajaxgetadminslist' functions in all versions up to, and including, 17.8. This makes it...
CVE-2024-13775 WooCommerce Support Ticket System <= 17.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion and Information Exposure
The WooCommerce Support Ticket System plugin for WordPress is vulnerable to unauthorized access and loss of data due to missing capability checks on the 'ajaxdeletemessage', 'ajaxgetcustomerspartiallist', and 'ajaxgetadminslist' functions in all versions up to, and including, 17.8. This makes it...
CVE-2025-22762
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Octrace WordPress HelpDesk & Support Ticket System Plugin – Octrace Support octrace-support allows Stored XSS.This issue affects WordPress HelpDesk & Support Ticket System Plugin – Octrace Support:...
CVE-2024-55985
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ydesignservices YDS Support Ticket System yds-support-ticket-system allows SQL Injection.This issue affects YDS Support Ticket System: from n/a through = 1.0...
CVE-2024-55985 WordPress YDS Support Ticket System plugin <= 1.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ydesignservices YDS Support Ticket System yds-support-ticket-system allows SQL Injection.This issue affects YDS Support Ticket System: from n/a through = 1.0...
CVE-2024-55985
CVE-2024-55985 affects YDS Support Ticket System (YDS). The issue is an SQL Injection caused by improper neutralization of input in SQL commands, affecting YDS Support Ticket System versions up to 1.0. Patch status is Unpatched according to Wordfence/Red Hat ENISA feeds. Exploitation details are ...