Vulnerabilities > Support Ticket System Project > Support Ticket System > 1.0

DATE	CVE	VULNERABILITY TITLE	RISK
2017-09-26	CVE-2015-7670	SQL Injection vulnerability in Support Ticket System Project Support Ticket System Multiple SQL injection vulnerabilities in includes/update.php in the Support Ticket System plugin before 1.2.1 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) id parameter. network low complexity support-ticket-system-project CWE-89	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.