CVE-2025-49422

Incorrect Privilege Assignment vulnerability in themepassion Support Ticket support-ticket allows Privilege Escalation.This issue affects Support Ticket: from n/a through = 1.9...

CVE-2025-49422

Incorrect Privilege Assignment vulnerability in themepassion Support Ticket support-ticket allows Privilege Escalation.This issue affects Support Ticket: from n/a through = 1.9...

CVE-2025-49422 WordPress iframe Wrapper plugin <= 0.1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aelora iframe Wrapper allows DOM-Based XSS. This issue affects iframe Wrapper: from n/a through 0.1.1...

CVE-2025-49422

CVE-2025-49422 is a Privilege Escalation vulnerability in the WordPress plugin Support Ticket (Themepassion). The issue is described as an Incorrect Privilege Assignment that could allow escalation to higher-privilege actions in the affected plugin versions, specifically

PT-2025-33950 · Unknown · Aelora Iframe Wrapper

Name of the Vulnerable Software and Affected Versions: Aelora iframe Wrapper versions n/a through 0.1.1 Description: Aelora iframe Wrapper is susceptible to a DOM-Based Cross-Site Scripting issue due to improper neutralization of input during web page generation. Recommendations: Update Aelora...