Awesome Support Security Vulnerabilities and Issues — Awesome Support CVE List

Lucene search

GetawesomesupportAwesome Support

4 matches found

CVE•added 2023/11/30 1:15 p.m.•70 views

CVE-2023-48323

Cross-Site Request Forgery (CSRF) vulnerability in Awesome Support Team Awesome Support – WordPress HelpDesk & Support Plugin allows Cross Site Request Forgery.This issue affects Awesome Support – WordPress HelpDesk & Support Plugin: from n/a through 6.1.4.

8.8CVSS6.4AI score0.00171EPSS

CVE•added 2023/11/06 9:15 p.m.•51 views

CVE-2023-5352

The Awesome Support WordPress plugin before 6.1.5 does not correctly authorize the wpas_edit_reply function, allowing users to edit posts for which they do not have permission.

4.3CVSS4.5AI score0.00054EPSS

Web

CVE•added 2023/11/06 9:15 p.m.•48 views

CVE-2023-5355

The Awesome Support WordPress plugin before 6.1.5 does not sanitize file paths when deleting temporary attachment files, allowing a ticket submitter to delete arbitrary files on the server.

8.1CVSS8.1AI score0.00209EPSS

CVE•added 2023/11/06 9:15 p.m.•45 views

CVE-2023-5354

The Awesome Support WordPress plugin before 6.1.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.

6.1CVSS6AI score0.00117EPSS

Web