Lucene search
K

15 matches found

NVD
NVD
added 2026/06/13 3:16 a.m.14 views

CVE-2026-9848

The WP Ticket plugin for WordPress is vulnerable to SQL Injection via the WordPress search query parameter s in versions up to, and including, 6.0.4 The plugin hooks WordPress's postsrequest filter with wpticketcompostsrequest, which calls emdauthorsearchresults when the current request is an...

7.5CVSS0.0051EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/13 2:29 a.m.29 views

CVE-2026-9848 WP Ticket <= 6.0.4 - Unauthenticated SQL Injection via WordPress Search 's' Parameter

The WP Ticket plugin for WordPress is vulnerable to SQL Injection via the WordPress search query parameter s in versions up to, and including, 6.0.4 The plugin hooks WordPress's postsrequest filter with wpticketcompostsrequest, which calls emdauthorsearchresults when the current request is an...

7.5CVSS0.0051EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/13 12:0 a.m.21 views

PT-2026-49077

Name of the Vulnerable Software and Affected Versions WP Ticket versions prior to 6.0.5 Description The WP Ticket plugin for WordPress allows unauthenticated attackers to extract sensitive information from the database. The issue occurs during unauthenticated front-end searches when the plugin...

7.5CVSS5.5AI score0.0051EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/09/26 12:0 a.m.4 views

WordPress plugin WP Ticket Customer Service Software & Support Ticket System Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to set up a personal blog site on a PHP and MySQL based...

6.5CVSS5.6AI score0.00209EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/23 2:12 a.m.6 views

WordPress WP Ticket Customer Service Software & Support Ticket System plugin <= 6.0.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin WP Ticket Customer Service Software & Support Ticket System versions = 6.0.0...

6.5CVSS5.8AI score0.00159EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/08/20 11:22 a.m.7 views

WordPress Support Ticket Plugin <= 1.9 - Privilege Escalation Vulnerability

Privilege Escalation Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Support Ticket versions = 1.9...

6.5CVSS6.6AI score0.00425EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/07/12 7:45 p.m.8 views

WordPress Support Ticket Plugin <= 1.9 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Support Ticket versions = 1.9...

6.5CVSS6.2AI score0.00219EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 3:33 a.m.7 views

CVE-2018-21002

The js-support-ticket plugin before 2.0.6 for WordPress has CSRF...

8.8CVSS7.1AI score0.00681EPSS
Exploits0References1
NVD
NVD
added 2023/12/31 6:15 p.m.8 views

CVE-2023-51547

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPManageNinja LLC Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin.This issue affects Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin: from n/a through...

7.6CVSS0.00534EPSS
Exploits0References1
CVE
CVE
added 2023/12/31 5:39 p.m.89 views

CVE-2023-51547

CVE-2023-51547 affects Fluent Support (WordPress plugin) up to version 1.7.6. It is an authenticated SQL Injection caused by improper neutralization of input in SQL commands. Impact per sources is high; patch status is Patched, but no fixed version is specified in the provided documents. Recommen...

7.6CVSS7.8AI score0.00534EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/10/18 12:0 a.m.3 views

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...

4.8CVSS5AI score0.00622EPSS
Exploits2References2
WPVulnDB
WPVulnDB
added 2021/09/20 12:0 a.m.15 views

WP Ticket < 5.10.4 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize or escape form fields before outputting it in the List, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC Navigate to WP Ticket Forms edit layout of "Open a Ticket" or "Search...

4.8CVSS1.1AI score0.00622EPSS
Exploits2Affected Software1
Patchstack
Patchstack
added 2021/09/20 12:0 a.m.14 views

WordPress WP Ticket plugin <= 5.10.3 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Tri Wanda Septian in WordPress WP Ticket plugin versions = 5.10.3. Solution Update the WordPress WP Ticket plugin to the latest available version at least 5.10.4...

4.8CVSS2.9AI score0.00622EPSS
Exploits2References3Affected Software1
CNVD
CNVD
added 2019/08/29 12:0 a.m.3 views

WordPress js-support-ticket plugin cross-site request forgery vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in versions of the WordPress js-support-ticket plugin prior to version 2.0....

8.8CVSS6.7AI score0.00681EPSS
Exploits0References1
Patchstack
Patchstack
added 2016/01/28 12:0 a.m.10 views

WordPress Sola Support Ticket Plugin <= 3.12 - Multiple Vulnerabilities

Anyone, who is logged in user and access to wp-admin, can update settings, allowing HTML to be analyzed. For this reason, information can be obtained. Solution Update the plugin...

1.8AI score
Exploits0References1Affected Software1
Rows per page
Query Builder