WordPress plugin ELEX WordPress HelpDesk & Customer Ticketing System 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

Unspecified Vulnerability in WordPress Plugin ELEX WordPress HelpDesk & Customer Ticketing System

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin ELEX WordPress HelpDesk & Customer...

EUVD-2025-198487

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.2.9 via the 'ehcrmticketsingleviewclient' due to missing validation on a user controlled key. This makes it possible for...

CVE-2025-12023 ELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.1 - Missing Authorization to Authenticated (Subscriber+) Ticket Restore

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ehcrmrestoredata function in all versions up to, and including, 3.3.1. This makes it possible for authenticated attackers, with...

CVE-2025-10046 ELEX WooCommerce Google Shopping (Google Product Feed) <= 1.4.3 - Authenticated (Admin+) SQL Inejction

The ELEX WooCommerce Google Shopping Google Product Feed plugin for WordPress is vulnerable to SQL Injection via the 'filetodelete' parameter in all versions up to, and including, 1.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

WordPress ELEX WooCommerce Advanced Bulk Edit Products,Prices&Attributes SQL Injection Vulnerability

WordPress ELEX WooCommerce Advanced Bulk Edit Products,Prices&Attributes is a plugin for bulk editing of WooCommerce product information, prices and attributes with support for Simple, Variant, External and Bundled products. WordPress ELEX WooCommerce Advanced Bulk Edit Products,Prices&Attributes...

WordPress plugin ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes SQL注入漏洞

WordPress ELEX WooCommerce Advanced Bulk Edit Products,Prices&Attributes is a plugin for bulk editing of WooCommerce product information, prices and attributes with support for Simple, Variant, External and Bundled products. WordPress ELEX WooCommerce Advanced Bulk Edit Products,Prices&Attributes...

CVE-2024-12266

CVE-2024-12266 affects the ELEX WooCommerce Dynamic Pricing and Discounts plugin for WordPress. The Red Hat advisory confirms a missing capability check in the functions elex_dp_export_rules() and elex_dp_import_rules() across all versions up to and including 2.1.7, enabling unauthenticated attac...

WordPress Plugin ELEX WooCommerce Dynamic Pricing and Discounts 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. WordPress Plugin ELEX WooCommerce...

PT-2024-23898 · Elex · Elex Woocommerce Dynamic Pricing/Discounts

Name of the Vulnerable Software and Affected Versions: ELEX WooCommerce Dynamic Pricing and Discounts versions through 2.1.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables...