6 matches found
CVE-2026-32522
CVE-2026-32522 is a path-traversal vulnerability in the WooCommerce Support Ticket System plugin for WordPress (affected:
PT-2025-38822
Name of the Vulnerable Software and Affected Versions WPFactory Helpdesk Support Ticket System for WooCommerce versions through 2.0.2 Description The software contains a flaw related to missing authorization, allowing exploitation of incorrectly configured access control security levels...
PT-2025-2265 · WordPress · Woocommerce Support Ticket System
Name of the Vulnerable Software and Affected Versions: WooCommerce Support Ticket System plugin for WordPress versions up to, and including, 17.8 Description: The issue is related to missing capability checks on the ajax delete message, ajax get customers partial list, and ajax get admins list...
CVE-2024-10627
The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajaxmanagefilechunkupload function in all versions up to, and including, 17.7. This makes it possible for unauthenticated attackers to upload arbitrary fil...
CVE-2024-10625
The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deletetmpuploadedfile function in all versions up to, and including, 17.7. This makes it possible for unauthenticated attackers to delete arbitrary...
WordPress plugin WooCommerce Support Ticket System 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in WordPress...