CVE-2023-49857

< 6.1.8

Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Acc

6.5MEDIUM

CVE-2023-49757

< 6.1.11

Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Acc

5.4MEDIUM

CVE-2023-48324

< 6.1.5

Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Acc

5.4MEDIUM

CVE-2023-51537

<= 6.1.5

Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6

5.3MEDIUM

CVE-2024-35741

< 6.1.8

Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6

4.3MEDIUM

CVE-2024-24716

< 6.1.7

Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6

5.4MEDIUM

CVE-2024-30539

< 6.1.8

Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6

5.3MEDIUM

CVE-2024-0596

< 6.1.8

The Awesome Support - WordPress HelpDesk & Support Plugin for WordPress is vulnerable to unauthorized access of data due to

5.3MEDIUM

CVE-2024-0595

< 6.1.8

The Awesome Support - WordPress HelpDesk & Support Plugin for WordPress is vulnerable to unauthorized access due to a missi

4.3MEDIUM

CVE-2024-0594

<= 6.1.7

The Awesome Support - WordPress HelpDesk & Support Plugin for WordPress is vulnerable to union-based SQL Injection via the

8.8HIGH

CVE-2023-51538

<= 6.1.5

Cross-Site Request Forgery (CSRF) vulnerability in Awesome Support Team Awesome Support - WordPress HelpDesk & Support Plugin.This

4.3MEDIUM

CVE-2023-48323

<= 6.1.4

Cross-Site Request Forgery (CSRF) vulnerability in Awesome Support Team Awesome Support - WordPress HelpDesk & Support Plugin allo

4.3MEDIUM

CVE-2023-5355

< 6.1.5

The Awesome Support WordPress plugin before 6.1.5 does not sanitize file paths when deleting temporary attachment files, allowing

8.1HIGH

CVE-2023-5354

< 6.1.5

The Awesome Support WordPress plugin before 6.1.5 does not sanitise and escape a parameter before outputting it back in the page,

6.1MEDIUM

CVE-2023-5352

< 6.1.5

The Awesome Support WordPress plugin before 6.1.5 does not correctly authorize the wpas_edit_reply function, allowing users to edi

4.3MEDIUM

CVE-2022-3511

< 6.1.2

The Awesome Support WordPress plugin before 6.1.2 does not ensure that the exported tickets archive to be downloaded belongs to th

6.5MEDIUM

CVE-2022-38073

<= 6.0.7

Multiple Authenticated (custom specific plugin role) Persistent Cross-Site Scripting (XSS) vulnerability in Awesome Support plugin

5.4MEDIUM

CVE-2021-36919

<= 6.0.6

Multiple Authenticated Reflected Cross-Site Scripting (XSS) vulnerabilities in WordPress Awesome Support plugin (versions <= 6.0.6

6.1MEDIUM

CVE-2019-20181

<= 5.8.0

The awesome-support plugin 5.8.0 for WordPress allows XSS via the post_title parameter.

4.8MEDIUM

CVE-2015-9318

< 3.1.7

The awesome-support plugin before 3.1.7 for WordPress has a security issue in which shortcodes are allowed in replies.

7.5HIGH

CVE-2015-9317

< 3.1.7

The awesome-support plugin before 3.1.7 for WordPress has XSS via custom information messages.

6.1MEDIUM