CVE-2024-30539 WordPress Awesome Support plugin <= 6.1.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.7...

CVE-2024-30539

Technical details about CVE-2024-30539 are not provided in the connected documents. The description notes a Missing Authorization issue in Awesome Support (

PT-2024-20512 · Unknown · Awesome Support

Name of the Vulnerable Software and Affected Versions: Awesome Support versions n/a through 6.1.6 Description: A Missing Authorization issue affects the Awesome Support software. This issue allows unauthorized access, potentially leading to data breaches or other security incidents. The estimated...

WordPress plugin Awesome Support security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

WordPress plugin Awesome Support security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

PT-2024-23468 · Unknown · Awesome Support

Name of the Vulnerable Software and Affected Versions: Awesome Support versions 6.1.7 and earlier Description: The issue is related to a Missing Authorization vulnerability in Awesome Support Team Awesome Support. Recommendations: For versions 6.1.7 and earlier, update to a version later than 6.1...

WordPress Awesome Support plugin <= 6.1.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Awesome Support versions = 6.1.7...

WordPress Awesome Support Plugin <= 6.1.7 is vulnerable to Broken Access Control

Software Awesome Support Type Plugin Vulnerable versions = 6.1.7 Fixed in 6.1.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-35741 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 202446b05649 Credits Steven Julian Required...

Awesome Support < 6.1.8 - Missing Authorization

Description The Awesome Support plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in versions up to, and including, 6.1.7. This makes it possible for unauthenticated attackers to perform unauthorized actions...

WordPress Awesome Support plugin <= 6.1.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abu Hurayra Patchstack Alliance in WordPress Plugin Awesome Support versions = 6.1.7...

WordPress Awesome Support Plugin <= 6.1.7 is vulnerable to Broken Access Control

Software Awesome Support Type Plugin Vulnerable versions = 6.1.7 Fixed in 6.1.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-30539 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID 67f0107630dd Credits Khalid Yusuf Required...

WordPress Awesome Support Plugin <= 6.1.7 is vulnerable to SQL Injection

Software Awesome Support Type Plugin Vulnerable versions = 6.1.7 Fixed in 6.1.8 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-0594 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 63f2c5ccd5ea Credits Krzysztof Zając Required privilege Subscriber...

CVE-2024-0596

The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the editorhtml function in all versions up to, and including, 6.1.7. This makes it possible for authenticated attackers, with...

CVE-2024-0595

The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wpasgetusers function hooked via AJAX in all versions up to, and including, 6.1.7. This makes it possible for authenticated attackers, with...

CVE-2024-0594

The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to union-based SQL Injection via the 'q' parameter of the wpasgetusers action in all versions up to, and including, 6.1.7 due to insufficient escaping on the user supplied parameter and lack of sufficient...

CVE-2024-0594

The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to union-based SQL Injection via the 'q' parameter of the wpasgetusers action in all versions up to, and including, 6.1.7 due to insufficient escaping on the user supplied parameter and lack of sufficient...

Sql injection

The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to union-based SQL Injection via the 'q' parameter of the wpasgetusers action in all versions up to, and including, 6.1.7 due to insufficient escaping on the user supplied parameter and lack of sufficient...

CVE-2024-0595

CVE-2024-0595 concerns the Awesome Support – WordPress HelpDesk & Support Plugin. The issue is an unauthorized access vulnerability caused by a missing capability check in the wpas_get_users() function, triggered via AJAX, affecting all versions up to and including 6.1.7. The impact, as documente...

CVE-2024-0594 Awesome Support – WordPress HelpDesk & Support Plugin <= 6.1.7 - Authenticated (Subscriber+) SQL Injection

The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to union-based SQL Injection via the 'q' parameter of the wpasgetusers action in all versions up to, and including, 6.1.7 due to insufficient escaping on the user supplied parameter and lack of sufficient...

PT-2024-15676 · WordPress · The Awesome Support – Wordpress Helpdesk & Support Plugin

Name of the Vulnerable Software and Affected Versions: The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress versions up to, and including, 6.1.7 Description: The issue is related to unauthorized access due to a missing capability check on the wpas get users function, whi...