浏览 11+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-1251 | SupportCandy – Helpdesk & Customer Support Ticket System <= 3.4.4 - Authenticated (Subscriber+) Insecure Direct Object Reference | psmplugins | SupportCandy – Helpdesk & Customer Support Ticket System | Medium | 5.4 | 2026-01-31 06:39:23 | Deep Dive |
| CVE-2026-0683 | SupportCandy – Helpdesk & Customer Support Ticket System <= 3.4.4 - Authenticated (Subscriber+) SQL Injection via Number Field Filter | psmplugins | SupportCandy – Helpdesk & Customer Support Ticket System | Medium | 6.5 | 2026-01-31 05:52:47 | Deep Dive |
| CVE-2025-60157 | WordPress WP Ticket Customer Service Software & Support Ticket System Plugin <= 6.0.2 - Cross Site Scripting (XSS) Vulnerability | emarket-design | WP Ticket Customer Service Software & Support Ticket System | Medium | 6.5 | 2025-09-26 08:31:57 | Deep Dive |
| CVE-2025-10658 | SupportCandy – Helpdesk & Customer Support Ticket System <= 3.3.7 - Authentication Bypass to Support Session Takeover | psmplugins | SupportCandy – Helpdesk & Customer Support Ticket System | Medium | 6.5 | 2025-09-20 06:43:19 | Deep Dive |
| CVE-2025-53584 | WordPress WP Ticket Customer Service Software & Support Ticket System Plugin <= 6.0.2 - PHP Object Injection Vulnerability | emarket-design | WP Ticket Customer Service Software & Support Ticket System | High | 8.1 | 2025-08-28 12:37:33 | Deep Dive |
| CVE-2025-5957 | Guest Support – Complete customer support ticket system for WordPress <= 1.2.2 - Missing Authorization to Unauthenticated Ticket Deletion | rcatheme | Guest Support | Medium | 5.3 | 2025-07-08 04:22:59 | Deep Dive |
| CVE-2025-40729 | Reflected Cross-Site Scripting (XSS) vulnerability in Customer Support System | Customer Support System | Customer Support System | - | - | 2025-06-16 08:30:21 | Deep Dive |
| CVE-2025-40728 | SQL injection vulnerability in Customer Support System | Customer Support System | Customer Support System | - | - | 2025-06-16 08:29:08 | Deep Dive |
| CVE-2024-13552 | SupportCandy – Helpdesk & Customer Support Ticket System <= 3.3.0 - Insecure Direct Object Reference | psmplugins | SupportCandy – Helpdesk & Customer Support Ticket System | Medium | 4.3 | 2025-03-07 09:21:14 | Deep Dive |
| CVE-2024-13568 | Fluent Support – Helpdesk & Customer Support Ticket System <= 1.8.5 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory | techjewel | Fluent Support – Helpdesk & Customer Support Ticket System | High | 7.5 | 2025-03-01 04:21:47 | Deep Dive |
| CVE-2021-24622 | WP Ticket < 5.10.4 - Admin+ Stored Cross-Site Scripting | Unknown | Customer Service Software & Support Ticket System | 中危 | - | 2021-10-18 13:45:50 | Deep Dive |