Woocommerce Support Ticket System Security Vulnerabilities and Issues — Woocommerce Support Ticket System CVE List

Lucene search

VanquishWoocommerce Support Ticket System

3 matches found

CVE•added 2024/11/09 4:15 a.m.•42 views

CVE-2024-10626

The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_uploaded_file() function in all versions up to, and including, 17.7. This makes it possible for authenticated attackers, with Subscriber-level a...

8.8CVSS8.9AI score0.05837EPSS

CVE•added 2024/11/09 4:15 a.m.•42 views

CVE-2024-10627

The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_manage_file_chunk_upload() function in all versions up to, and including, 17.7. This makes it possible for unauthenticated attackers to upload arbitrary...

9.8CVSS9.9AI score0.05053EPSS

CVE•added 2024/11/09 4:15 a.m.•41 views

CVE-2024-10625

The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_tmp_uploaded_file() function in all versions up to, and including, 17.7. This makes it possible for unauthenticated attackers to delete arbitrar...

9.8CVSS9.8AI score0.13002EPSS