Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Getawesomesupport Subscribe
Filtered by product Awesome Support

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-51538 1 Getawesomesupport 1 Awesome Support 2024-01-09 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Awesome Support Team Awesome Support – WordPress HelpDesk & Support Plugin.This issue affects Awesome Support – WordPress HelpDesk & Support Plugin: from n/a through 6.1.5.
CVE-2023-48323 1 Getawesomesupport 1 Awesome Support 2023-12-05 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Awesome Support Team Awesome Support – WordPress HelpDesk & Support Plugin allows Cross Site Request Forgery.This issue affects Awesome Support – WordPress HelpDesk & Support Plugin: from n/a through 6.1.4.
CVE-2023-5355 1 Getawesomesupport 1 Awesome Support 2023-11-14 N/A 8.1 HIGH
The Awesome Support WordPress plugin before 6.1.5 does not sanitize file paths when deleting temporary attachment files, allowing a ticket submitter to delete arbitrary files on the server.
CVE-2023-5352 1 Getawesomesupport 1 Awesome Support 2023-11-14 N/A 4.3 MEDIUM
The Awesome Support WordPress plugin before 6.1.5 does not correctly authorize the wpas_edit_reply function, allowing users to edit posts for which they do not have permission.
CVE-2023-5354 1 Getawesomesupport 1 Awesome Support 2023-11-14 N/A 6.1 MEDIUM
The Awesome Support WordPress plugin before 6.1.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
CVE-2021-36919 1 Getawesomesupport 1 Awesome Support 2021-12-02 3.5 LOW 5.4 MEDIUM
Multiple Authenticated Reflected Cross-Site Scripting (XSS) vulnerabilities in WordPress Awesome Support plugin (versions <= 6.0.6), vulnerable parameters (&id, &assignee).
CVE-2019-20181 1 Getawesomesupport 1 Awesome Support 2020-01-14 3.5 LOW 4.8 MEDIUM
The awesome-support plugin 5.8.0 for WordPress allows XSS via the post_title parameter.
CVE-2015-9318 1 Getawesomesupport 1 Awesome Support 2019-08-22 5.0 MEDIUM 7.5 HIGH
The awesome-support plugin before 3.1.7 for WordPress has a security issue in which shortcodes are allowed in replies.
CVE-2015-9317 1 Getawesomesupport 1 Awesome Support 2019-08-21 4.3 MEDIUM 6.1 MEDIUM
The awesome-support plugin before 3.1.7 for WordPress has XSS via custom information messages.