Support Ticket System Security Vulnerabilities and Issues — Support Ticket System CVE List

Lucene search

Support Ticket System ProjectSupport Ticket System

4 matches found

CVE•added 2017/09/26 3:29 p.m.•42 views

CVE-2015-7670

Multiple SQL injection vulnerabilities in includes/update.php in the Support Ticket System plugin before 1.2.1 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) id parameter.

9.8CVSS10AI score0.00351EPSS

CVE•added 2024/11/09 4:15 a.m.•42 views

CVE-2024-10626

The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_uploaded_file() function in all versions up to, and including, 17.7. This makes it possible for authenticated attackers, with Subscriber-level a...

8.8CVSS8.9AI score0.05837EPSS

CVE•added 2024/11/09 4:15 a.m.•42 views

CVE-2024-10627

The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_manage_file_chunk_upload() function in all versions up to, and including, 17.7. This makes it possible for unauthenticated attackers to upload arbitrary...

9.8CVSS9.9AI score0.05053EPSS

CVE•added 2024/11/09 4:15 a.m.•41 views

CVE-2024-10625

The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_tmp_uploaded_file() function in all versions up to, and including, 17.7. This makes it possible for unauthenticated attackers to delete arbitrar...

9.8CVSS9.8AI score0.13002EPSS