CVE-2026-27395 WordPress Support Board plugin < 3.8.9 - Privilege Escalation vulnerability

Unauthenticated Privilege Escalation in Support Board 3.8.9 versions...

CVE-2026-27395

Vulnerability: WordPress Support Board plugin fallbacks to Privilege Escalation in versions

WordPress Support Board plugin < 3.8.9 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Phat RiO in WordPress Plugin Support Board versions 3.8.9...

WordPress plugin Support Board 安全漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress plugin Support Board 安全漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2025-28803

Name of the Vulnerable Software and Affected Versions: Support Board plugin for WordPress versions prior to 3.8.1 Description: The Support Board plugin for WordPress is susceptible to arbitrary file deletion due to inadequate file path validation within the sb file delete function. This flaw allo...

CVE-2021-24807

The Support Board WordPress plugin before 3.3.5 allows Authenticated Agent+ users to perform Cross-Site Scripting attacks by placing a payload in the notes field, when an administrator or any authenticated user go to the chat the XSS will be automatically executed...

CVE-2021-24823

The Support Board WordPress plugin before 3.3.6 does not have any CSRF checks in actions handled by the include/ajax.php file, which could allow attackers to make logged in users do unwanted actions. For example, make an admin delete arbitrary files...

WordPress Support Board plugin跨站请求伪造漏洞

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports personal blogging sites on servers with PHP and MySQL. cross-site request forgery vulnerability exists in versions of the WordPress Support Board plugin prior to 3.3.6, whic...

WordPress plugin Support Board 跨站请求伪造漏洞

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports personal blogging sites on servers with PHP and MySQL. cross-site request forgery vulnerability exists in versions of the WordPress Support Board plugin prior to 3.3.6, whic...

CVE-2021-24807

The Support Board WordPress plugin before 3.3.5 allows Authenticated Agent+ users to perform Cross-Site Scripting attacks by placing a payload in the notes field, when an administrator or any authenticated user go to the chat the XSS will be automatically executed...

WordPress 插件 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress Plugin is a WordPress open source application plugin. cross-site scripting vulnerability exists in the...