WordPress plugin WP Ticket Customer Service Software & Support Ticket System Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to set up a personal blog site on a PHP and MySQL based...

WordPress WP Ticket Customer Service Software & Support Ticket System plugin <= 6.0.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin WP Ticket Customer Service Software & Support Ticket System versions = 6.0.0...

WordPress Support Ticket Plugin <= 1.9 - Privilege Escalation Vulnerability

Privilege Escalation Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Support Ticket versions = 1.9...

WordPress Support Ticket Plugin <= 1.9 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Support Ticket versions = 1.9...

CVE-2018-21002

The js-support-ticket plugin before 2.0.6 for WordPress has CSRF...

com.buession.cas:buession-cas-ticket (>=2.3.0 <=2.3.2), com.buession.cas:buession-cas-ticket-infinispan (>=2.3.0 <=2.3.2) +490 more potentially affected by CVE-2024-1233 via org.wildfly.security:wildfly-elytron-realm-token (>=1.10.0.CR1 <=2.4.0.CR1)

org.wildfly.security:wildfly-elytron-realm-token MAVEN version =1.10.0.CR1, =2.3.0, =2.3.0, =2.3.0, =1.2.9, =1.2.9, =1.2.9, =1.2.9, =1.2.9, =1.2.9, =1.2.9, =1.2.9, =1.2.9, =2.0.20, =0.12, =1.3.0.Final, =1.3.2.Final and more Source cves: CVE-2024-1233 Source advisory: OSV:GHSA-V4MM-Q8FV-R2W5...

CVE-2023-51547

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPManageNinja LLC Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin.This issue affects Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin: from n/a through...

CVE-2023-51547

CVE-2023-51547 affects Fluent Support (WordPress plugin) up to version 1.7.6. It is an authenticated SQL Injection caused by improper neutralization of input in SQL commands. Impact per sources is high; patch status is Patched, but no fixed version is specified in the provided documents. Recommen...

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...

WordPress WP Ticket plugin <= 5.10.3 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Tri Wanda Septian in WordPress WP Ticket plugin versions = 5.10.3. Solution Update the WordPress WP Ticket plugin to the latest available version at least 5.10.4...

WP Ticket < 5.10.4 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize or escape form fields before outputting it in the List, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC Navigate to WP Ticket Forms edit layout of "Open a Ticket" or "Search...

WordPress js-support-ticket plugin cross-site request forgery vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in versions of the WordPress js-support-ticket plugin prior to version 2.0....

WordPress Sola Support Ticket Plugin <= 3.12 - Multiple Vulnerabilities

Anyone, who is logged in user and access to wp-admin, can update settings, allowing HTML to be analyzed. For this reason, information can be obtained. Solution Update the plugin...