Vulnerabilities > Wpsupportplus

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-22	CVE-2019-15331	Cross-site Scripting vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 9.1.2 for WordPress has HTML injection. network low complexity wpsupportplus CWE-79	6.1
2019-08-22	CVE-2016-10930	Improper Input Validation vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 7.1.0 for WordPress has insecure direct object reference via a ticket number. network low complexity wpsupportplus CWE-20 critical	9.8
2019-08-22	CVE-2014-10391	Injection vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 4.1 for WordPress has JavaScript injection. network low complexity wpsupportplus CWE-74	6.1
2019-08-22	CVE-2014-10390	Path Traversal vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has directory traversal. network low complexity wpsupportplus CWE-22 critical	9.1
2019-08-22	CVE-2014-10389	Improper Authentication vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has incorrect authentication. network low complexity wpsupportplus CWE-287 critical	9.8
2019-08-22	CVE-2014-10388	Information Exposure vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has full path disclosure. network low complexity wpsupportplus CWE-200	5.3
2019-08-22	CVE-2014-10387	SQL Injection vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has SQL injection. network low complexity wpsupportplus CWE-89 critical	9.8
2019-03-21	CVE-2019-7299	Cross-site Scripting vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System 9.1.1 A stored cross-site scripting (XSS) vulnerability in the submit_ticket.php module in the WP Support Plus Responsive Ticket System plugin 9.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the subject parameter in wp-content/plugins/wp-support-plus-responsive-ticket-system/includes/ajax/submit_ticket.php. network low complexity wpsupportplus CWE-79	6.1
2018-03-14	CVE-2018-1000131	SQL Injection vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System Pradeep Makone wordpress Support Plus Responsive Ticket System version 9.0.2 and earlier contains a SQL Injection vulnerability in the function to get tickets, the parameter email in cookie was injected that can result in filter the parameter. network low complexity wpsupportplus CWE-89 critical	9.8

Vulnerabilities > Wpsupportplus {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Wpsupportplus"}]}

Vulnerabilities > Wpsupportplus