Vulnerabilidades en awesomesupport
12 resultadosCVE-2024-0594HIGHAwesome Support – WordPress HelpDesk & Support Plugin <= 6.1.7 - Authenticated (Subscriber+) SQL InjectionEPSS 0.6%CVE-2024-54289MEDIUMWordPress Awesome Support plugin <= 6.3.1 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2024-13567HIGHAwesome Support – WordPress HelpDesk & Support Plugin <= 6.3.1 - Unauthenticated Sensitive Information Exposure Through Unprotected DirectoryEPSS 0.6%CVE-2023-49857MEDIUMWordPress Awesome Support plugin <= 6.1.7 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-49757MEDIUMWordPress Awesome Support plugin <= 6.1.10 - Broken Access Control + CSRF vulnerabilityEPSS 0.5%CVE-2023-48324MEDIUMWordPress Awesome Support HelpDesk plugin <= 6.1.4 - Broken Access control vulnerabilityEPSS 0.5%CVE-2025-58662HIGHWordPress Awesome Support plugin <= 6.3.5 - Deserialization of untrusted data vulnerabilityEPSS 0.4%CVE-2024-0595MEDIUMAwesome Support – WordPress HelpDesk & Support Plugin <= 6.1.7 - Missing Authorization via wpas_get_users()EPSS 0.4%CVE-2024-0596MEDIUMAwesome Support – WordPress HelpDesk & Support Plugin <= 6.1.7 - Missing Authorization via editor_html()EPSS 0.4%CVE-2025-12641MEDIUMAwesome Support – WordPress HelpDesk & Support Plugin <= 6.3.6 - Missing Authorization to Unauthenticated Role DemotionEPSS 0.4%CVE-2026-4654MEDIUMAwesome Support <= 6.3.7 - Authenticated (Subscriber+) Insecure Direct Object Reference to Unauthorized Ticket Reply Access via 'ticket_id' ParameterEPSS 0.3%CVE-2025-53340MEDIUMWordPress Awesome Support plugin <= 6.3.6 - Sensitive Data Exposure vulnerabilityEPSS 0.3%