Fluent Support
by WordPress
Source repositories
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-51547 | Hig | 0.49 | 7.6 | 0.01 | Dec 31, 2023 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPManageNinja LLC Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin.This issue affects Fluent Support – WordPress Helpdesk and Customer Support Ticket… | ||
| CVE-2022-2559 | Hig | 0.47 | 7.2 | 0.01 | Aug 29, 2022 | The Fluent Support WordPress plugin before 1.5.8 does not properly sanitise, validate and escape various parameters before using them in an SQL statement, leading to an SQL Injection vulnerability exploitable by high privilege users | ||
| CVE-2025-67926 | Med | 0.42 | 6.5 | 0.00 | Jan 8, 2026 | Missing Authorization vulnerability in Shahjahan Jewel Fluent Support fluent-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fluent Support: from n/a through <= 1.10.4. | ||
| CVE-2024-13568 | Hig | 0.42 | 7.5 | 0.00 | Mar 1, 2025 | The Fluent Support – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.5 via the 'fluent-support' directory. This makes it possible for unauthenticated attackers to extract… | ||
| CVE-2025-57885 | Med | 0.28 | 4.3 | 0.00 | Aug 22, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan Jewel Fluent Support fluent-support allows Cross Site Request Forgery.This issue affects Fluent Support: from n/a through <= 1.9.1. |
- risk 0.49cvss 7.6epss 0.01
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPManageNinja LLC Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin.This issue affects Fluent Support – WordPress Helpdesk and Customer Support Ticket…
- risk 0.47cvss 7.2epss 0.01
The Fluent Support WordPress plugin before 1.5.8 does not properly sanitise, validate and escape various parameters before using them in an SQL statement, leading to an SQL Injection vulnerability exploitable by high privilege users
- risk 0.42cvss 6.5epss 0.00
Missing Authorization vulnerability in Shahjahan Jewel Fluent Support fluent-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fluent Support: from n/a through <= 1.10.4.
- risk 0.42cvss 7.5epss 0.00
The Fluent Support – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.5 via the 'fluent-support' directory. This makes it possible for unauthenticated attackers to extract…
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan Jewel Fluent Support fluent-support allows Cross Site Request Forgery.This issue affects Fluent Support: from n/a through <= 1.9.1.