5 matches found
WordPress plugin Tickera – Sell Tickets & Manage Events 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
CVE-2025-14034 ilGhera Support System for WooCommerce <= 1.2.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Ticket Deletion
The ilGhera Support System for WooCommerce plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'deletesingleticketcallback' and 'changeticketstatuscallback' functions in all versions up to, and including, 1.2.6. This makes it...
CVE-2024-43446
An improper privilege management vulnerability in OTRS Generic Interface module allows change of the Ticket status even if the user only has ro permissions. This issue affects: OTRS 7.0.X OTRS 8.0.X OTRS 2023.X OTRS 2024.X OTRS Community Edition: 6.0.x Products based on the OTRS Community Edition...
CVE-2024-43446
CVE-2024-43446 affects OTRS: improper privilege management in the Generic Interface module allows users with read-only privileges to change ticket status. Impacted: OTRS 7.0.x, 8.0.x, 2023.x, 2024.x and ((OTRS)) Community Edition 6.0.x (and products built on it). Root cause: insufficient access c...
PT-2025-2648 · Otrs · Otrs
Name of the Vulnerable Software and Affected Versions: OTRS versions 6.0.x through 8.0.x OTRS versions 2023.x through 2024.x Description: An improper privilege management issue in the OTRS Generic Interface module allows users with read-only permissions to change the ticket status. This issue may...