Latest getawesomesupport awesome support Vulnerabilities

CVE-2024-0596
The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the editor_html() function in all versi...
Getawesomesupport Awesome Support<6.1.8
CVE-2024-0595
The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wpas_get_users() function hooked via AJAX i...
Getawesomesupport Awesome Support<6.1.8
CVE-2024-0594
The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to union-based SQL Injection via the 'q' parameter of the wpas_get_users action in all versions up to, and ...
Getawesomesupport Awesome Support<=6.1.7
CVE-2023-51538
WordPress Awesome Support Plugin <= 6.1.5 is vulnerable to Cross Site Request Forgery (CSRF)
Getawesomesupport Awesome Support<=6.1.5
CVE-2023-48323
WordPress Awesome Support Plugin <= 6.1.4 is vulnerable to Cross Site Request Forgery (CSRF)
Getawesomesupport Awesome Support<=6.1.4
CVE-2023-5355
Awesome Support < 6.1.5 - Submitter+ Arbitrary File Deletion
Getawesomesupport Awesome Support<6.1.5
CVE-2023-5352
Awesome Support < 6.1.5 - Insufficient permission check in wpas_edit_reply
Getawesomesupport Awesome Support<6.1.5
CVE-2023-5354
Awesome Support < 6.1.5 - Reflected Cross-Site Scripting
Getawesomesupport Awesome Support<6.1.5
CVE-2022-3511
The Awesome Support WordPress plugin before 6.1.2 does not ensure that the exported tickets archive to be downloaded belongs to the user making the request, allowing a low privileged user, such as sub...
Getawesomesupport Awesome Support<6.1.2
CVE-2022-38073
Multiple Authenticated (custom specific plugin role) Persistent Cross-Site Scripting (XSS) vulnerability in Awesome Support plugin <= 6.0.7 at WordPress.
Getawesomesupport Awesome Support<=6.0.7
CVE-2021-36919
Multiple Authenticated Reflected Cross-Site Scripting (XSS) vulnerabilities in WordPress Awesome Support plugin (versions <= 6.0.6), vulnerable parameters (&id, &assignee).
Getawesomesupport Awesome Support<=6.0.6
CVE-2019-20181
The awesome-support plugin 5.8.0 for WordPress allows XSS via the post_title parameter.
Getawesomesupport Awesome Support<=5.8.0
CVE-2015-9318
The awesome-support plugin before 3.1.7 for WordPress has a security issue in which shortcodes are allowed in replies.
Getawesomesupport Awesome Support<3.1.7
CVE-2015-9317
The awesome-support plugin before 3.1.7 for WordPress has XSS via custom information messages.
Getawesomesupport Awesome Support<3.1.7

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203