Lucene search
K

52 matches found

CVE
CVE
added 2019/08/22 6:58 p.m.49 views

CVE-2019-15331

The CVE-2019-15331 entry concerns the WordPress plugin wp-support-plus-responsive-ticket-system, affected in all versions prior to 9.1.2. Multiple connected sources confirm a vulnerability described as HTML injection / stored cross-site scripting (XSS) in this plugin. The vulnerability stems from...

6.1CVSS6.6AI score0.00913EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/08/22 6:57 p.m.40 views

CVE-2016-10930

The CVE-2016-10930 entry concerns the WordPress plugin WP Support Plus Responsive Ticket System. Affected component: the wp-support-plus-responsive-ticket-system plugin for WordPress. Root cause: insecure direct object reference via a ticket number in the plugin prior to version 7.1.0. Impact: po...

9.8CVSS9.3AI score0.02016EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/08/22 6:56 p.m.33 views

CVE-2014-10387

The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has SQL injection...

10AI score0.01795EPSS
Exploits0References1
CVE
CVE
added 2019/08/22 6:56 p.m.49 views

CVE-2014-10387

The CVE-2014-10387 incident concerns the WordPress plugin WP Support Plus Responsive Ticket System (affected: before version 4.2). The vulnerability is an SQL injection in the plugin, exposing potential disclosure/modification of data and impact to availability, as indicated by CVSS metrics (UP t...

9.8CVSS9.9AI score0.01795EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/08/22 6:55 p.m.29 views

CVE-2014-10388

The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has full path disclosure...

5.3AI score0.01332EPSS
Exploits0References1
CVE
CVE
added 2019/08/22 6:55 p.m.46 views

CVE-2014-10388

CVE-2014-10388 affects the WordPress plugin wp-support-plus-responsive-ticket-system prior to version 4.2. Multiple connected sources (RH, NVD, CVE lists, WPVulnDB) consistently describe a full path disclosure vulnerability in this plugin, enabling disclosure of server file paths. Public details ...

5.3CVSS5.3AI score0.01332EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/08/22 6:54 p.m.44 views

CVE-2014-10391

The CVE-2014-10391 entry concerns the WordPress plugin WP Support Plus Responsive Ticket System, specifically versions prior to 4.1. The vulnerability is a JavaScript injection (XSS) flaw caused by insufficient validation of client-side data in the plugin. Impact is that an attacker could trigger...

6.1CVSS6.7AI score0.00913EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2019/04/01 12:0 a.m.20 views

WordPress Support Plus Responsive Ticket System Plugin < 9.1.2 XSS Vulnerability

The WordPress plugin Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the...

6.1CVSS6.4AI score0.01662EPSS
Exploits1References2
Prion
Prion
added 2019/03/21 4:1 p.m.9 views

Cross site scripting

A stored cross-site scripting XSS vulnerability in the submitticket.php module in the WP Support Plus Responsive Ticket System plugin 9.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the subject parameter in...

4.3CVSS6AI score0.01662EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2019/03/19 12:0 a.m.15 views

WordPress WP Support Plus Responsive Ticket System plugin <= 9.1.1 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability found by Christian Angel in WordPress WP Support Plus Responsive Ticket System plugin versions = 9.1.1. Solution Update the WordPress WP Support Plus Responsive Ticket System plugin to the latest available version at least 9.1.2...

6.1CVSS2.2AI score0.01662EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/03/18 7:42 p.m.40 views

CVE-2019-7299

CVE-2019-7299 concerns a stored XSS in the WP Support Plus Responsive Ticket System WordPress plugin, specifically in submit_ticket.php (path: wp-content/plugins/wp-support-plus-responsive-ticket-system/includes/ajax/submit_ticket.php) for version 9.1.1. The vulnerability allows injection of arbi...

6.1CVSS5.9AI score0.01662EPSS
Exploits1References3Affected Software1
Dsquare
Dsquare
added 2018/05/11 12:0 a.m.670 views

WordPress WP Support Plus Responsive Ticket System SQL Injection

SQL Injection vulnerability in WordPress WP Support Plus Responsive Ticket System plugin Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

0.9AI score
Exploits0
CNVD
CNVD
added 2018/03/27 12:0 a.m.5 views

Pradeep Makone wordpress Support Plus Responsive Ticket System SQL Injection Vulnerability

WordPress is a suite of blogging platforms from the WordPress Software Foundation developed using the PHP language, which supports setting up personal blog sites on servers with PHP and MySQL.Pradeep Makone wordpress Support Plus Responsive Ticket System is a set of Responsive Ticket System for...

9.8CVSS8.1AI score0.02125EPSS
Exploits1References1
Patchstack
Patchstack
added 2018/03/15 12:0 a.m.18 views

WordPress WP Support Plus Responsive Ticket System plugin <=9.0.2 - Multiple Authenticated SQL Injection (SQLi) vulnerabilities

Multiple Authenticated SQL Injection SQLi vulnerabilities found by 00theway in WordPress WP Support Plus Responsive Ticket System plugin versions =9.0.2. Solution Update the WordPress WP Support Plus Responsive Ticket System plugin to the latest available version at least 9.0.3...

9.8CVSS3.3AI score0.02125EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/03/14 1:29 p.m.5 views

CVE-2018-1000131

Pradeep Makone wordpress Support Plus Responsive Ticket System version 9.0.2 and earlier contains a SQL Injection vulnerability in the function to get tickets, the parameter email in cookie was injected that can result in filter the parameter. This attack appear to be exploitable via web site,...

9.8CVSS5.8AI score0.02125EPSS
Exploits1References3
Prion
Prion
added 2018/03/14 1:29 p.m.12 views

Sql injection

Pradeep Makone wordpress Support Plus Responsive Ticket System version 9.0.2 and earlier contains a SQL Injection vulnerability in the function to get tickets, the parameter email in cookie was injected that can result in filter the parameter. This attack appear to be exploitable via web site,...

7.5CVSS9.7AI score0.02125EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2018/03/14 1:0 p.m.46 views

CVE-2018-1000131

The CVE-2018-1000131 entry affects the WordPress plugin WP Support Plus Responsive Ticket System (versions ≤ 9.0.2). The vulnerability is a SQL Injection in the function that retrieves tickets, where the email parameter stored in a cookie is injected, enabling an attacker to manipulate queries. E...

9.8CVSS9.8AI score0.02125EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2017/11/20 12:0 a.m.18 views

WordPress WP Support Plus Responsive Ticket System plugin <=8.0.7 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability found in WordPress WP Support Plus Responsive Ticket System plugin versions =8.0.7. Solution Update the WordPress WP Support Plus Responsive Ticket System plugin to the latest available version at least version 8.0.8...

5.1AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2017/11/11 12:0 a.m.9 views

WP Support Plus Responsive Ticket System < 8.0.8 - Remote Code Execution (RCE)

WP Support Plus Responsive Ticket System = 8.0.7 allows anyone to upload PHP files with extensions like ".phtml", ".php4", ".php5", and so on, all of which are run as if their extension was ".php" on most hosting platforms. This is because "includes/admin/attachment/uploadAttachment.php" contains...

7.3AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2017/08/01 12:0 a.m.18 views

WP Support Plus Responsive Ticket System < 8.0.0 - Privilege Escalation

You can login as anyone without knowing password because of incorrect usage of wpsetauthcookie. PoC Username:...

2.7AI score
Exploits0References2Affected Software1
Rows per page
Query Builder