| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-55985 | WordPress YDS Support Ticket System plugin <= 1.0 - SQL Injection vulnerability | Ydesignservices | YDS Support Ticket System | High | 8.5 | 2024-12-18 11:38:23 | Deep Dive |
| CVE-2024-54274 | WordPress Octrace Support plugin <= 1.2.7 - Reflected Cross Site Scripting (XSS) vulnerability | Octrace | WordPress HelpDesk & Support Ticket System Plugin – Octrace Support | High | 7.1 | 2024-12-13 14:24:50 | Deep Dive |
| CVE-2024-10627 | WooCommerce Support Ticket System <= 17.7 - Unauthenticated Arbitrary File Upload | vanquish | WooCommerce Support Ticket System | Critical | 9.8 | 2024-11-09 03:30:47 | Deep Dive |
| CVE-2024-10625 | WooCommerce Support Ticket System <= 17.7 - Unauthenticated Arbitrary File Deletion | vanquish | WooCommerce Support Ticket System | Critical | 9.8 | 2024-11-09 03:18:15 | Deep Dive |
| CVE-2024-10626 | WooCommerce Support Ticket System <= 17.7 - Authenticated (Subscriber+) Arbitrary File Deletion | vanquish | WooCommerce Support Ticket System | High | 8.8 | 2024-11-09 03:18:15 | Deep Dive |
| CVE-2024-44011 | WordPress WP Ticket Ultra plugin <= 1.0.5 - Local File Inclusion vulnerability | ExpressTech Systems | WP Ticket Ultra Help Desk & Support Plugin | High | 7.5 | 2024-10-05 10:33:04 | Deep Dive |
| CVE-2023-51547 | WordPress Fluent Support Plugin <= 1.7.6 is vulnerable to SQL Injection | WPManageNinja LLC | Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin | High | 7.6 | 2023-12-31 17:39:52 | Deep Dive |
| CVE-2022-36388 | WordPress YDS Support Ticket System plugin <= 1.0 - Cross-Site Request Forgery (CSRF) vulnerability | Ydesignservices | YDS Support Ticket System (WordPress plugin) | Medium | 5.4 | 2022-09-23 14:31:32 | Deep Dive |
| CVE-2022-2559 | Fluent Support < 1.5.8 - Admin+ SQLi | Unknown | Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin | 高危 | - | 2022-08-29 17:15:36 | Deep Dive |
| CVE-2021-24880 | SupportCandy < 2.2.7 - Contributor+ Stored Cross-Site Scripting | Unknown | SupportCandy – Helpdesk & Support Ticket System | 中危 | - | 2022-02-07 15:47:12 | Deep Dive |
| CVE-2021-24879 | SupportCandy < 2.2.7 - CSRF to Cross-Site Scripting | Unknown | SupportCandy – Helpdesk & Support Ticket System | 高危 | - | 2022-02-07 15:47:11 | Deep Dive |
| CVE-2021-24878 | SupportCandy < 2.2.7 - Reflected Cross-Site Scripting | Unknown | SupportCandy – Helpdesk & Support Ticket System | 中危 | - | 2022-02-07 15:47:10 | Deep Dive |
| CVE-2021-24843 | SupportCandy < 2.2.7 - Arbitrary Ticket Deletion via CSRF | Unknown | SupportCandy – Helpdesk & Support Ticket System | 中危 | - | 2022-02-07 15:47:10 | Deep Dive |
| CVE-2021-24839 | SupportCandy < 2.2.5 - Unauthenticated Arbitrary Ticket Deletion | Unknown | SupportCandy – Helpdesk & Support Ticket System | 高危 | - | 2022-02-07 15:47:09 | Deep Dive |
| CVE-2021-24622 | WP Ticket < 5.10.4 - Admin+ Stored Cross-Site Scripting | Unknown | Customer Service Software & Support Ticket System | 中危 | - | 2021-10-18 13:45:50 | Deep Dive |
| CVE-2021-24623 | WordPress Advanced Ticket System < 1.0.64 - Authenticated Stored Cross-Site Scripting (XSS) | Unknown | WordPress Advanced Ticket System, Elite Support Helpdesk | 中危 | - | 2021-09-13 17:56:36 | Deep Dive |