Woocommerce Support Ticket System Security Vulnerabilities and Issues — Woocommerce Support Ticket System CVE List

Lucene search

VanquishWoocommerce Support Ticket System

4 matches found

CVE•added 2024/11/09 4:15 a.m.•42 views

CVE-2024-10626

The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_uploaded_file() function in all versions up to, and including, 17.7. This makes it possible for authenticated attackers, with Subscriber-level a...

8.8CVSS8.9AI score0.05583EPSS

CVE•added 2024/11/09 4:15 a.m.•42 views

CVE-2024-10627

The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_manage_file_chunk_upload() function in all versions up to, and including, 17.7. This makes it possible for unauthenticated attackers to upload arbitrary...

9.8CVSS9.9AI score0.0483EPSS

CVE•added 2024/11/09 4:15 a.m.•41 views

CVE-2024-10625

The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_tmp_uploaded_file() function in all versions up to, and including, 17.7. This makes it possible for unauthenticated attackers to delete arbitrar...

9.8CVSS9.8AI score0.12487EPSS

CVE•added 2025/02/01 1:15 p.m.•35 views

CVE-2024-13775

The WooCommerce Support Ticket System plugin for WordPress is vulnerable to unauthorized access and loss of data due to missing capability checks on the 'ajax_delete_message', 'ajax_get_customers_partial_list', and 'ajax_get_admins_list' functions in all versions up to, and including, 17.8. This ma...

5.4CVSS5.3AI score0.00051EPSS