CVE-2026-4654
The Awesome Support – WordPress HelpDesk & Support Plugin for WordPress is affected by an Insecure Direct Object Reference in versions up to and including 6.3.7. The vulnerability stems from wpas_get_ticket_replies_ajax() not verifying that the authenticated user has permission to view the reques...