| CVE-2026-32522 | WordPress WooCommerce Support Ticket System plugin < 18.5 - Arbitrary File Deletion vulnerability | vanquish | WooCommerce Support Ticket System | 中危 | - | 2026-03-25 16:15:08 | Deep Dive |
| CVE-2026-23977 | WordPress Helpdesk Support Ticket System for WooCommerce plugin <= 2.1.2 - Broken Access Control vulnerability | WPFactory | Helpdesk Support Ticket System for WooCommerce | High | 7.5 | 2026-03-25 16:14:31 | Deep Dive |
| CVE-2026-1251 | SupportCandy – Helpdesk & Customer Support Ticket System <= 3.4.4 - Authenticated (Subscriber+) Insecure Direct Object Reference | psmplugins | SupportCandy – Helpdesk & Customer Support Ticket System | Medium | 5.4 | 2026-01-31 06:39:23 | Deep Dive |
| CVE-2026-0683 | SupportCandy – Helpdesk & Customer Support Ticket System <= 3.4.4 - Authenticated (Subscriber+) SQL Injection via Number Field Filter | psmplugins | SupportCandy – Helpdesk & Customer Support Ticket System | Medium | 6.5 | 2026-01-31 05:52:47 | Deep Dive |
| CVE-2025-14581 | HAPPY – Helpdesk Support Ticket System <= 1.0.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Ticket Reply | villatheme | HAPPY – Helpdesk Support Ticket System | Medium | 4.3 | 2025-12-13 03:20:25 | Deep Dive |
| CVE-2025-60235 | WordPress Support Ticket System for WooCommerce plugin <= 2.0.7 - Arbitrary File Upload vulnerability | Plugify | Support Ticket System for WooCommerce (Premium) | 中危 | - | 2025-11-06 15:55:08 | Deep Dive |
| CVE-2025-60157 | WordPress WP Ticket Customer Service Software & Support Ticket System Plugin <= 6.0.2 - Cross Site Scripting (XSS) Vulnerability | emarket-design | WP Ticket Customer Service Software & Support Ticket System | Medium | 6.5 | 2025-09-26 08:31:57 | Deep Dive |
| CVE-2025-57972 | WordPress Helpdesk Support Ticket System for WooCommerce plugin <= 2.1.1 - Broken Access Control vulnerability | WPFactory | Helpdesk Support Ticket System for WooCommerce | Medium | 4.3 | 2025-09-22 18:24:36 | Deep Dive |
| CVE-2025-10658 | SupportCandy – Helpdesk & Customer Support Ticket System <= 3.3.7 - Authentication Bypass to Support Session Takeover | psmplugins | SupportCandy – Helpdesk & Customer Support Ticket System | Medium | 6.5 | 2025-09-20 06:43:19 | Deep Dive |
| CVE-2025-53584 | WordPress WP Ticket Customer Service Software & Support Ticket System Plugin <= 6.0.2 - PHP Object Injection Vulnerability | emarket-design | WP Ticket Customer Service Software & Support Ticket System | High | 8.1 | 2025-08-28 12:37:33 | Deep Dive |
| CVE-2025-49422 | WordPress Support Ticket Plugin <= 1.9 - Privilege Escalation Vulnerability | themepassion | Support Ticket | Critical | 9.8 | 2025-08-20 08:03:43 | Deep Dive |
| CVE-2025-49424 | WordPress Support Ticket Plugin <= 1.9 - Cross Site Scripting (XSS) Vulnerability | themepassion | Support Ticket | High | 7.1 | 2025-08-20 08:03:42 | Deep Dive |
| CVE-2025-5957 | Guest Support – Complete customer support ticket system for WordPress <= 1.2.2 - Missing Authorization to Unauthenticated Ticket Deletion | rcatheme | Guest Support | Medium | 5.3 | 2025-07-08 04:22:59 | Deep Dive |
| CVE-2023-25997 | WordPress Sola Support Ticket plugin <= 3.18 - Arbitrary Content Deletion Vulnerability | SolaPlugins | Sola Support Ticket | Medium | 6.5 | 2025-06-06 12:54:44 | Deep Dive |
| CVE-2024-13604 | KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin <= 1.7.4 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory | logoninc | KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin | High | 7.5 | 2025-04-05 01:44:45 | Deep Dive |
| CVE-2025-31626 | WordPress Support Helpdesk Ticket System Lite plugin <= 4.5.2 - Reflected Cross Site Scripting (XSS) vulnerability | M. Ali Saleem | Support Helpdesk Ticket System Lite | High | 7.1 | 2025-04-03 13:27:12 | Deep Dive |
| CVE-2024-13552 | SupportCandy – Helpdesk & Customer Support Ticket System <= 3.3.0 - Insecure Direct Object Reference | psmplugins | SupportCandy – Helpdesk & Customer Support Ticket System | Medium | 4.3 | 2025-03-07 09:21:14 | Deep Dive |
| CVE-2024-13568 | Fluent Support – Helpdesk & Customer Support Ticket System <= 1.8.5 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory | techjewel | Fluent Support – Helpdesk & Customer Support Ticket System | High | 7.5 | 2025-03-01 04:21:47 | Deep Dive |
| CVE-2024-13775 | WooCommerce Support Ticket System <= 17.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion and Information Exposure | vanquish | WooCommerce Support Ticket System | Medium | 5.4 | 2025-02-01 12:21:31 | Deep Dive |
| CVE-2025-22762 | WordPress Octrace Support Pro plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability | Octrace | WordPress HelpDesk & Support Ticket System Plugin – Octrace Support | Medium | 5.9 | 2025-01-15 15:23:24 | Deep Dive |