VYPR

Support Ticket

by WordPress

Source repositories

CVEs (4)

  • CVE-2025-49422CriAug 20, 2025
    risk 0.64cvss 9.8epss 0.00

    Incorrect Privilege Assignment vulnerability in themepassion Support Ticket support-ticket allows Privilege Escalation.This issue affects Support Ticket: from n/a through <= 1.9.

  • CVE-2015-7670CriSep 26, 2017
    risk 0.64cvss 9.8epss 0.03

    Multiple SQL injection vulnerabilities in includes/update.php in the Support Ticket System plugin before 1.2.1 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) id parameter.

  • CVE-2025-49424HigAug 20, 2025
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themepassion Support Ticket support-ticket allows Reflected XSS.This issue affects Support Ticket: from n/a through <= 1.9.

  • CVE-2014-9179Dec 2, 2014
    risk 0.03cvss epss 0.04

    Cross-site scripting (XSS) vulnerability in the SupportEzzy Ticket System plugin 1.2.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the "URL (optional)" field in a new ticket.