4 matches found
CVE-2024-8632
The KB Support – WordPress Help Desk and Knowledge Base plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'kbsajaxloadfrontendreplies' and 'kbsajaxmarkreplyasread' functions in all versions up to, and including, 1.6.6. This...
CVE-2024-8632 KB Support – WordPress Help Desk and Knowledge Base <= 1.6.6 - Missing Authorization to Unauthenticated Ticket Reply Exposure
The KB Support – WordPress Help Desk and Knowledge Base plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'kbsajaxloadfrontendreplies' and 'kbsajaxmarkreplyasread' functions in all versions up to, and including, 1.6.6. This...
CVE-2024-8632 KB Support – WordPress Help Desk and Knowledge Base <= 1.6.6 - Missing Authorization to Unauthenticated Ticket Reply Exposure
The KB Support – WordPress Help Desk and Knowledge Base plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'kbsajaxloadfrontendreplies' and 'kbsajaxmarkreplyasread' functions in all versions up to, and including, 1.6.6. This...
WordPress KB Support Plugin <= 1.6.6 is vulnerable to Broken Access Control
Software KB Support Type Plugin Vulnerable versions = 1.6.6 Fixed in 1.6.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-8632 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 987ce6d6ccaa Credits Krzysztof Zając Required...