Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:wpsupportplus:wp_support_plus_responsive_ticket_system:1.0:*:*:*:*:wordpress:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-15331 |
The wp-support-plus-responsive-ticket-system plugin before 9.1.2 for WordPress has HTML injection. Published: August 22, 2019; 3:15:15 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-10930 |
The wp-support-plus-responsive-ticket-system plugin before 7.1.0 for WordPress has insecure direct object reference via a ticket number. Published: August 22, 2019; 3:15:14 PM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2014-10391 |
The wp-support-plus-responsive-ticket-system plugin before 4.1 for WordPress has JavaScript injection. Published: August 22, 2019; 3:15:13 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2014-10390 |
The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has directory traversal. Published: August 22, 2019; 3:15:13 PM -0400 |
V4.0:(not available) V3.0: 9.1 CRITICAL V2.0: 6.4 MEDIUM |
CVE-2014-10389 |
The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has incorrect authentication. Published: August 22, 2019; 3:15:13 PM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2014-10388 |
The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has full path disclosure. Published: August 22, 2019; 3:15:13 PM -0400 |
V4.0:(not available) V3.0: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2014-10387 |
The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has SQL injection. Published: August 22, 2019; 3:15:13 PM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2018-1000131 |
Pradeep Makone wordpress Support Plus Responsive Ticket System version 9.0.2 and earlier contains a SQL Injection vulnerability in the function to get tickets, the parameter email in cookie was injected that can result in filter the parameter. This attack appear to be exploitable via web site, without login. This vulnerability appears to have been fixed in 9.0.3 and later. Published: March 14, 2018; 9:29:00 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |