Vulnerabilities in psmplugins

4 results

CVE-2026-0683MEDIUMSupportCandy – Helpdesk & Customer Support Ticket System <= 3.4.4 - Authenticated (Subscriber+) SQL Injection via Number Field FilterEPSS 0.3%CVE-2025-10658MEDIUMSupportCandy – Helpdesk & Customer Support Ticket System <= 3.3.7 - Authentication Bypass to Support Session TakeoverEPSS 0.3%CVE-2024-13552MEDIUMSupportCandy – Helpdesk & Customer Support Ticket System <= 3.3.0 - Insecure Direct Object ReferenceEPSS 0.3%CVE-2026-1251MEDIUMSupportCandy – Helpdesk & Customer Support Ticket System <= 3.4.4 - Authenticated (Subscriber+) Insecure Direct Object ReferenceEPSS 0.3%