Lucene search
K

158 matches found

Cvelist
Cvelist
added 2022/02/07 3:47 p.m.21 views

CVE-2021-24880 SupportCandy < 2.2.7 - Contributor+ Stored Cross-Site Scripting

The SupportCandy WordPress plugin before 2.2.7 does not validate and escape the page attribute of its shortcode, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks...

5.6AI score0.00604EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/02/07 3:47 p.m.23 views

CVE-2021-24879 SupportCandy < 2.2.7 - CSRF to Cross-Site Scripting

The SupportCandy WordPress plugin before 2.2.7 does not have CSRF check in the wpsctickets AJAX action, nor has any sanitisation or escaping in some of the filter fields which could allow attackers to make a logged in user having access to the ticket lists dashboard set an arbitrary filter stored...

8.5AI score0.00612EPSS
Exploits2References1
CVE
CVE
added 2022/02/07 3:47 p.m.49 views

CVE-2021-24879

CVE-2021-24879 affects the WordPress SupportCandy plugin prior to 2.2.7. The vulnerability stems from missing CSRF protection in the wpsc_tickets AJAX action and insufficient sanitisation/escaping in several filter fields, allowing a logged-in attacker to craft a filter stored in cookies that con...

8.8CVSS8.5AI score0.00612EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/02/07 3:47 p.m.33 views

CVE-2021-24878 SupportCandy < 2.2.7 - Reflected Cross-Site Scripting

The SupportCandy WordPress plugin before 2.2.7 does not sanitise and escape the query string before outputting it back in pages with the wpsccreateticket shortcode embed, leading to a Reflected Cross-Site Scripting issue...

6.2AI score0.01165EPSS
Exploits2References1
CVE
CVE
added 2022/02/07 3:47 p.m.44 views

CVE-2021-24843

The CVE refers to the WordPress plugin SupportCandy (before 2.2.7) where the wpsc_tickets AJAX action lacks a CSRF check. This allows a logged-in attacker to trigger a request (via the set_delete_permanently_bulk_ticket setting_action) and delete arbitrary tickets. Root cause: missing CSRF protec...

6.5CVSS6.4AI score0.00531EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2022/02/07 3:47 p.m.63 views

CVE-2021-24878

The CVE-2021-24878 entry concerns the WordPress plugin SupportCandy (before 2.2.7). The vulnerability is a Reflected Cross-Site Scripting (XSS) flaw caused by failing to sanitize/escape the query string when outputting it back in pages using the [wpsc_create_ticket] shortcode embed. Impact descri...

6.1CVSS6AI score0.01165EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/02/07 3:47 p.m.22 views

CVE-2021-24843 SupportCandy < 2.2.7 - Arbitrary Ticket Deletion via CSRF

The SupportCandy WordPress plugin before 2.2.7 does not have CRSF check in its wpsctickets AJAX action, which could allow attackers to make a logged in admin call it and delete arbitrary tickets via the setdeletepermanentlybulkticket settingaction...

6.6AI score0.00531EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/02/07 3:47 p.m.38 views

CVE-2021-24839 SupportCandy < 2.2.5 - Unauthenticated Arbitrary Ticket Deletion

The SupportCandy WordPress plugin before 2.2.5 does not have authorisation and CSRF checks in its wpsctickets AJAX action, which could allow unauthenticated users to call it and delete arbitrary tickets via the setdeletepermanentlybulkticket settingaction. Other actions may be affected as well...

7.8AI score0.0124EPSS
Exploits2References1
CVE
CVE
added 2022/02/07 3:47 p.m.58 views

CVE-2021-24839

CVE-2021-24839 affects the SupportCandy WordPress plugin pre-2.2.5. The wpsc_tickets AJAX action lacks authorization and CSRF checks, enabling unauthenticated remote calls to delete arbitrary tickets via set_delete_permanently_bulk_ticket (and possibly affecting other actions). NVD lists CVSSv3.1...

7.5CVSS7.6AI score0.0124EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2022/02/07 12:0 a.m.7 views

Wordpress Plugin SupportCandy 跨站请求伪造漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. A cross-site request forgery vulnerability...

6.5CVSS6.5AI score0.00531EPSS
Exploits2References2
CNNVD
CNNVD
added 2022/02/07 12:0 a.m.3 views

Wordpress Plugin SupportCandy 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. cross-site scripting vulnerability exists in Wordpress Plugin SupportCandy, which stems from the product's failure to effectively hand...

5.4CVSS5.4AI score0.00604EPSS
Exploits2References2
CNNVD
CNNVD
added 2022/02/07 12:0 a.m.5 views

Wordpress Plugin SupportCandy 跨站请求伪造漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. A cross-site request forgery vulnerability...

8.8CVSS7.7AI score0.00612EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2022/02/07 12:0 a.m.5 views

PT-2022-9480 · WordPress · Supportcandy

Name of the Vulnerable Software and Affected Versions: SupportCandy WordPress plugin versions prior to 2.2.5 Description: The issue is related to the lack of authorisation and CSRF checks in the wpsc tickets AJAX action, which could allow unauthenticated users to delete arbitrary tickets via the...

7.5CVSS7.5AI score0.0124EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2022/02/07 12:0 a.m.5 views

PT-2022-9489

Name of the Vulnerable Software and Affected Versions: SupportCandy WordPress plugin versions prior to 2.2.7 Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because the plugin does not properly sanitise and escape the query string before outputting it back...

6.1CVSS5.9AI score0.01165EPSS
Exploits2References6
wpexploit
wpexploit
added 2022/01/05 12:0 a.m.116 views

SupportCandy < 2.2.7 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the query string before outputting it back in pages with the wpsccreateticket shortcode embed, leading to a Reflected Cross-Site Scripting issue Note: the ticket-creation page is the one with the wpsccreateticket shortcode embed...

6.1CVSS0.1AI score0.01165EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2022/01/05 12:0 a.m.14 views

SupportCandy < 2.2.7 - Arbitrary Ticket Deletion via CSRF

The plugin does not have CRSF check in its wpsctickets AJAX action, which could allow attackers to make a logged in admin call it and delete arbitrary tickets via the setdeletepermanentlybulkticket settingaction. PoC...

6.5CVSS5.2AI score0.00531EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2022/01/05 12:0 a.m.95 views

SupportCandy < 2.2.5 - Unauthenticated Arbitrary Ticket Deletion

The plugin does not have authorisation and CRSF checks in its wpsctickets AJAX action, which could allow unauthenticated users to call it and delete arbitrary tickets via the setdeletepermanentlybulkticket settingaction. Other actions may be affected as well. POST /wp-admin/admin-ajax.php HTTP/1....

7.5CVSS1.4AI score0.0124EPSS
Exploits2
Patchstack
Patchstack
added 2022/01/05 12:0 a.m.21 views

WordPress SupportCandy plugin <= 2.2.6 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by apple502j in WordPress SupportCandy plugin versions = 2.2.6. Solution Update the WordPress SupportCandy plugin to the latest available version at least 2.2.7...

5.4CVSS1.9AI score0.00604EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/01/05 12:0 a.m.20 views

WordPress SupportCandy plugin <= 2.2.6 - Arbitrary Ticket Deletion via Cross-Site Request Forgery (CSRF) vulnerability

Arbitrary Ticket Deletion via Cross-Site Request Forgery CSRF vulnerability discovered by Brandon Roldan in WordPress SupportCandy plugin versions = 2.2.6. Solution Update the WordPress SupportCandy plugin to the latest available version at least 2.2.7...

6.5CVSS4.1AI score0.00531EPSS
Exploits2References3Affected Software1
WPVulnDB
WPVulnDB
added 2022/01/05 12:0 a.m.17 views

SupportCandy < 2.2.5 - Unauthenticated Arbitrary Ticket Deletion

The plugin does not have authorisation and CRSF checks in its wpsctickets AJAX action, which could allow unauthenticated users to call it and delete arbitrary tickets via the setdeletepermanentlybulkticket settingaction. Other actions may be affected as well. PoC POST /wp-admin/admin-ajax.php...

7.5CVSS3.5AI score0.0124EPSS
Exploits2Affected Software1
Rows per page
Query Builder