| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-12443 | CRM Perks – WordPress HelpDesk Integration – Zendesk, Freshdesk, HelpScout <= 1.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting | crmperks | CRM Perks – WordPress HelpDesk Integration – Zendesk, Freshdesk, HelpScout | Medium | 6.4 | 2024-12-16 22:24:38 | Deep Dive |
| CVE-2024-54274 | WordPress Octrace Support plugin <= 1.2.7 - Reflected Cross Site Scripting (XSS) vulnerability | Octrace | WordPress HelpDesk & Support Ticket System Plugin – Octrace Support | High | 7.1 | 2024-12-13 14:24:50 | Deep Dive |
| CVE-2024-27125 | Helpdesk | QNAP Systems Inc. | Helpdesk | Low | 3.5 | 2024-09-06 16:27:18 | Deep Dive |
| CVE-2024-34698 | Prototype Pollution in getQueryParam Function (URL Query Parser) | freescout-helpdesk | freescout | Medium | 4.6 | 2024-05-13 15:50:34 | Deep Dive |
| CVE-2024-34697 | Freescout vulnerable to Stored HTML Injection in Editing Received Emails | freescout-helpdesk | freescout | High | 7.6 | 2024-05-13 15:45:27 | Deep Dive |
| CVE-2024-29185 | FreeScout OS Command Injection vulnerability | freescout-helpdesk | freescout | Critical | 9.0 | 2024-03-22 17:03:57 | Deep Dive |
| CVE-2024-29184 | FreeScout Stored XSS to Privilege Escalation After CSP Bypass | freescout-helpdesk | freescout | High | 8.0 | 2024-03-22 17:01:02 | Deep Dive |
| CVE-2024-28186 | SMTP Mail Credentials Disclosed in Error Log in freescout | freescout-helpdesk | freescout | High | 7.1 | 2024-03-12 19:36:06 | Deep Dive |
| CVE-2024-1932 | Unrestricted Upload of File with Dangerous Type in freescout-helpdesk/freescout | freescout-helpdesk | freescout-helpdesk/freescout | 中危 | - | 2024-02-28 00:00:15 | Deep Dive |
| CVE-2024-0596 | Awesome Support – WordPress HelpDesk & Support Plugin <= 6.1.7 - Missing Authorization via editor_html() | awesomesupport | Awesome Support – WordPress HelpDesk & Support Plugin | Medium | 5.3 | 2024-02-10 06:51:53 | Deep Dive |
| CVE-2024-0595 | Awesome Support – WordPress HelpDesk & Support Plugin <= 6.1.7 - Missing Authorization via wpas_get_users() | awesomesupport | Awesome Support – WordPress HelpDesk & Support Plugin | Medium | 4.3 | 2024-02-10 06:51:52 | Deep Dive |
| CVE-2024-0594 | Awesome Support – WordPress HelpDesk & Support Plugin <= 6.1.7 - Authenticated (Subscriber+) SQL Injection | awesomesupport | Awesome Support – WordPress HelpDesk & Support Plugin | High | 8.8 | 2024-02-10 06:51:52 | Deep Dive |
| CVE-2023-51538 | WordPress Awesome Support Plugin <= 6.1.5 is vulnerable to Cross Site Request Forgery (CSRF) | Awesome Support Team | Awesome Support – WordPress HelpDesk & Support Plugin | Medium | 4.3 | 2024-01-05 09:47:19 | Deep Dive |
| CVE-2023-51547 | WordPress Fluent Support Plugin <= 1.7.6 is vulnerable to SQL Injection | WPManageNinja LLC | Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin | High | 7.6 | 2023-12-31 17:39:52 | Deep Dive |
| CVE-2023-48323 | WordPress Awesome Support Plugin <= 6.1.4 is vulnerable to Cross Site Request Forgery (CSRF) | Awesome Support Team | Awesome Support – WordPress HelpDesk & Support Plugin | Medium | 4.3 | 2023-11-30 12:59:15 | Deep Dive |
| CVE-2023-1724 | Faveo Helpdesk Enterprise 6.0.1 - Privilege Escalation via Stored XSS | Ladybirdweb | Faveo Helpdesk | High | 7.3 | 2023-06-24 00:13:35 | Deep Dive |
| CVE-2022-2559 | Fluent Support < 1.5.8 - Admin+ SQLi | Unknown | Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin | 高危 | - | 2022-08-29 17:15:36 | Deep Dive |
| CVE-2021-24880 | SupportCandy < 2.2.7 - Contributor+ Stored Cross-Site Scripting | Unknown | SupportCandy – Helpdesk & Support Ticket System | 中危 | - | 2022-02-07 15:47:12 | Deep Dive |
| CVE-2021-24879 | SupportCandy < 2.2.7 - CSRF to Cross-Site Scripting | Unknown | SupportCandy – Helpdesk & Support Ticket System | 高危 | - | 2022-02-07 15:47:11 | Deep Dive |
| CVE-2021-24878 | SupportCandy < 2.2.7 - Reflected Cross-Site Scripting | Unknown | SupportCandy – Helpdesk & Support Ticket System | 中危 | - | 2022-02-07 15:47:10 | Deep Dive |