Vulnerabilities > Wpsupportplus
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-22 | CVE-2019-15331 | Cross-site Scripting vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 9.1.2 for WordPress has HTML injection. | 4.3 |
2019-08-22 | CVE-2016-10930 | Improper Input Validation vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 7.1.0 for WordPress has insecure direct object reference via a ticket number. | 7.5 |
2019-08-22 | CVE-2014-10391 | Injection vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 4.1 for WordPress has JavaScript injection. | 4.3 |
2019-08-22 | CVE-2014-10390 | Path Traversal vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has directory traversal. | 6.4 |
2019-08-22 | CVE-2014-10389 | Improper Authentication vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has incorrect authentication. | 7.5 |
2019-08-22 | CVE-2014-10388 | Information Exposure vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has full path disclosure. | 5.0 |
2019-08-22 | CVE-2014-10387 | SQL Injection vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has SQL injection. | 7.5 |
2019-03-21 | CVE-2019-7299 | Cross-site Scripting vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System 9.1.1 A stored cross-site scripting (XSS) vulnerability in the submit_ticket.php module in the WP Support Plus Responsive Ticket System plugin 9.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the subject parameter in wp-content/plugins/wp-support-plus-responsive-ticket-system/includes/ajax/submit_ticket.php. | 4.3 |
2018-03-14 | CVE-2018-1000131 | SQL Injection vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System Pradeep Makone wordpress Support Plus Responsive Ticket System version 9.0.2 and earlier contains a SQL Injection vulnerability in the function to get tickets, the parameter email in cookie was injected that can result in filter the parameter. | 7.5 |