Vulnerabilities > Wpsupportplus > WP Support Plus Responsive Ticket System > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-22	CVE-2019-15331	Cross-site Scripting vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 9.1.2 for WordPress has HTML injection. network low complexity wpsupportplus CWE-79	6.1
2019-08-22	CVE-2014-10391	Injection vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 4.1 for WordPress has JavaScript injection. network low complexity wpsupportplus CWE-74	6.1
2019-08-22	CVE-2014-10388	Information Exposure vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has full path disclosure. network low complexity wpsupportplus CWE-200	5.3
2019-03-21	CVE-2019-7299	Cross-site Scripting vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System 9.1.1 A stored cross-site scripting (XSS) vulnerability in the submit_ticket.php module in the WP Support Plus Responsive Ticket System plugin 9.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the subject parameter in wp-content/plugins/wp-support-plus-responsive-ticket-system/includes/ajax/submit_ticket.php. network low complexity wpsupportplus CWE-79	6.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.