CVE-2025-14033 ilGhera Support System for WooCommerce <= 1.3.0 - Missing Authorization to Unauthenticated Sensitive Information Exposure

The ilGhera Support System for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'getticketcontentcallback' function in all versions up to, and including, 1.3.0. This makes it possible for unauthenticated attackers to view any...

CVE-2025-14033

CVE-2025-14033 affects the WordPress plugin “ilGhera Support System for WooCommerce” (woocommerce integration) with versions up to and including 1.3.0. The vulnerability is a missing capability check in get_ticket_content_callback, allowing unauthenticated attackers to read any support ticket con...

EUVD-2026-20251

Missing Authorization vulnerability in ilGhera JW Player for WordPress jw-player-7-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JW Player for WordPress: from n/a through = 2.3.6...

CVE-2025-14034

The vulnerability CVE-2025-14034 affects the ilGhera Support System for WooCommerce WordPress plugin. A missing capability check in delete_single_ticket_callback and change_ticket_status_callback in all versions through 1.2.6 allows authenticated attackers with Subscriber+ privileges to delete ar...