Awesome Support
CVEs (16)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-0594 | Hig | 0.57 | 8.8 | 0.01 | Feb 10, 2024 | The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to union-based SQL Injection via the 'q' parameter of the wpas_get_users action in all versions up to, and including, 6.1.7 due to insufficient escaping on the user supplied parameter… | ||
| CVE-2025-58662 | Hig | 0.47 | 7.2 | 0.00 | Sep 22, 2025 | Deserialization of Untrusted Data vulnerability in awesomesupport Awesome Support awesome-support allows Object Injection.This issue affects Awesome Support: from n/a through <= 6.3.5. | ||
| CVE-2024-13567 | Hig | 0.42 | 7.5 | 0.01 | Apr 1, 2025 | The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.3.1 via the 'awesome-support' directory. This makes it possible for unauthenticated attackers to extract… | ||
| CVE-2024-54289 | Med | 0.42 | 6.5 | 0.01 | Dec 13, 2024 | Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through <= 6.3.1. | ||
| CVE-2023-49857 | Med | 0.42 | 6.5 | 0.01 | Dec 9, 2024 | Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through <= 6.1.7. | ||
| CVE-2023-49757 | Med | 0.35 | 5.4 | 0.00 | Dec 9, 2024 | Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through <= 6.1.10. | ||
| CVE-2023-48324 | Med | 0.35 | 5.4 | 0.00 | Dec 9, 2024 | Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through <= 6.1.4. | ||
| CVE-2025-53340 | Med | 0.34 | 5.3 | 0.00 | Sep 9, 2025 | Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Retrieve Embedded Sensitive Data.This issue affects Awesome Support: from n/a through <= 6.3.6. | ||
| CVE-2024-0596 | Med | 0.34 | 5.3 | 0.00 | Feb 10, 2024 | The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the editor_html() function in all versions up to, and including, 6.1.7. This makes it possible for authenticated… | ||
| CVE-2024-0595 | Med | 0.28 | 4.3 | 0.00 | Feb 10, 2024 | The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wpas_get_users() function hooked via AJAX in all versions up to, and including, 6.1.7. This makes it possible for… | ||
| CVE-2023-51538 | Med | 0.28 | 4.3 | 0.00 | Jan 5, 2024 | Cross-Site Request Forgery (CSRF) vulnerability in Awesome Support Team Awesome Support – WordPress HelpDesk & Support Plugin.This issue affects Awesome Support – WordPress HelpDesk & Support Plugin: from n/a through 6.1.5. | ||
| CVE-2023-48323 | Med | 0.28 | 4.3 | 0.00 | Nov 30, 2023 | Cross-Site Request Forgery (CSRF) vulnerability in Awesome Support Team Awesome Support – WordPress HelpDesk & Support Plugin allows Cross Site Request Forgery.This issue affects Awesome Support – WordPress HelpDesk & Support Plugin: from n/a through 6.1.4. | ||
| CVE-2023-51537 | 0.00 | — | 0.00 | Jun 12, 2024 | Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.5. | |||
| CVE-2024-35741 | 0.00 | — | 0.00 | Jun 10, 2024 | Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.7. | |||
| CVE-2024-24716 | 0.00 | — | 0.00 | Jun 9, 2024 | Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.6. | |||
| CVE-2024-30539 | 0.00 | — | 0.00 | Jun 9, 2024 | Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.7. |
- risk 0.57cvss 8.8epss 0.01
The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to union-based SQL Injection via the 'q' parameter of the wpas_get_users action in all versions up to, and including, 6.1.7 due to insufficient escaping on the user supplied parameter…
- risk 0.47cvss 7.2epss 0.00
Deserialization of Untrusted Data vulnerability in awesomesupport Awesome Support awesome-support allows Object Injection.This issue affects Awesome Support: from n/a through <= 6.3.5.
- risk 0.42cvss 7.5epss 0.01
The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.3.1 via the 'awesome-support' directory. This makes it possible for unauthenticated attackers to extract…
- risk 0.42cvss 6.5epss 0.01
Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through <= 6.3.1.
- risk 0.42cvss 6.5epss 0.01
Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through <= 6.1.7.
- risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through <= 6.1.10.
- risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through <= 6.1.4.
- risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Retrieve Embedded Sensitive Data.This issue affects Awesome Support: from n/a through <= 6.3.6.
- risk 0.34cvss 5.3epss 0.00
The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the editor_html() function in all versions up to, and including, 6.1.7. This makes it possible for authenticated…
- risk 0.28cvss 4.3epss 0.00
The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wpas_get_users() function hooked via AJAX in all versions up to, and including, 6.1.7. This makes it possible for…
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Awesome Support Team Awesome Support – WordPress HelpDesk & Support Plugin.This issue affects Awesome Support – WordPress HelpDesk & Support Plugin: from n/a through 6.1.5.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Awesome Support Team Awesome Support – WordPress HelpDesk & Support Plugin allows Cross Site Request Forgery.This issue affects Awesome Support – WordPress HelpDesk & Support Plugin: from n/a through 6.1.4.
- CVE-2023-51537Jun 12, 2024risk 0.00cvss —epss 0.00
Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.5.
- CVE-2024-35741Jun 10, 2024risk 0.00cvss —epss 0.00
Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.7.
- CVE-2024-24716Jun 9, 2024risk 0.00cvss —epss 0.00
Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.6.
- CVE-2024-30539Jun 9, 2024risk 0.00cvss —epss 0.00
Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.7.