9 matches found
CVE-2014-10387
The CVE-2014-10387 incident concerns the WordPress plugin WP Support Plus Responsive Ticket System (affected: before version 4.2). The vulnerability is an SQL injection in the plugin, exposing potential disclosure/modification of data and impact to availability, as indicated by CVSS metrics (UP t...
CVE-2019-15331
The CVE-2019-15331 entry concerns the WordPress plugin wp-support-plus-responsive-ticket-system, affected in all versions prior to 9.1.2. Multiple connected sources confirm a vulnerability described as HTML injection / stored cross-site scripting (XSS) in this plugin. The vulnerability stems from...
CVE-2014-10388
CVE-2014-10388 affects the WordPress plugin wp-support-plus-responsive-ticket-system prior to version 4.2. Multiple connected sources (RH, NVD, CVE lists, WPVulnDB) consistently describe a full path disclosure vulnerability in this plugin, enabling disclosure of server file paths. Public details ...
CVE-2018-1000131
The CVE-2018-1000131 entry affects the WordPress plugin WP Support Plus Responsive Ticket System (versions ≤ 9.0.2). The vulnerability is a SQL Injection in the function that retrieves tickets, where the email parameter stored in a cookie is injected, enabling an attacker to manipulate queries. E...
CVE-2014-10389
The CVE-2014-10389 entry concerns the WordPress plugin wp-support-plus-responsive-ticket-system (pre-4.2). The connected sources confirm an authorization/authentication issue in this plugin, described as "incorrect authentication". Affected version is stated as prior to 4.2; CVSS metrics from NVD...
CVE-2014-10391
The CVE-2014-10391 entry concerns the WordPress plugin WP Support Plus Responsive Ticket System, specifically versions prior to 4.1. The vulnerability is a JavaScript injection (XSS) flaw caused by insufficient validation of client-side data in the plugin. Impact is that an attacker could trigger...
CVE-2014-10390
The CVE-2014-10390 entry concerns the WordPress plugin wp-support-plus-responsive-ticket-system (pre-4.2). The vulnerability is a directory traversal flaw in the plugin, exposing potential unauthorized access to filesystem paths. Public sources confirm the affected component as the plugin’s code ...
CVE-2016-10930
The CVE-2016-10930 entry concerns the WordPress plugin WP Support Plus Responsive Ticket System. Affected component: the wp-support-plus-responsive-ticket-system plugin for WordPress. Root cause: insecure direct object reference via a ticket number in the plugin prior to version 7.1.0. Impact: po...
CVE-2019-7299
CVE-2019-7299 concerns a stored XSS in the WP Support Plus Responsive Ticket System WordPress plugin, specifically in submit_ticket.php (path: wp-content/plugins/wp-support-plus-responsive-ticket-system/includes/ajax/submit_ticket.php) for version 9.1.1. The vulnerability allows injection of arbi...