VYPR
Vendor

Getawesomesupport

Products
2
CVEs
18
Across products
18
Status
Private

Products

2

Recent CVEs

18
  • CVE-2024-0594HigFeb 10, 2024
    risk 0.57cvss 8.8epss 0.01

    The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to union-based SQL Injection via the 'q' parameter of the wpas_get_users action in all versions up to, and including, 6.1.7 due to insufficient escaping on the user supplied parameter…

  • CVE-2025-58662HigSep 22, 2025
    risk 0.47cvss 7.2epss 0.00

    Deserialization of Untrusted Data vulnerability in awesomesupport Awesome Support awesome-support allows Object Injection.This issue affects Awesome Support: from n/a through <= 6.3.5.

  • CVE-2024-13567HigApr 1, 2025
    risk 0.42cvss 7.5epss 0.01

    The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.3.1 via the 'awesome-support' directory. This makes it possible for unauthenticated attackers to extract…

  • CVE-2024-54289MedDec 13, 2024
    risk 0.42cvss 6.5epss 0.01

    Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through <= 6.3.1.

  • CVE-2023-49857MedDec 9, 2024
    risk 0.42cvss 6.5epss 0.01

    Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through <= 6.1.7.

  • CVE-2023-49757MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through <= 6.1.10.

  • CVE-2023-48324MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through <= 6.1.4.

  • CVE-2025-53340MedSep 9, 2025
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Retrieve Embedded Sensitive Data.This issue affects Awesome Support: from n/a through <= 6.3.6.

  • CVE-2024-0596MedFeb 10, 2024
    risk 0.34cvss 5.3epss 0.00

    The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the editor_html() function in all versions up to, and including, 6.1.7. This makes it possible for authenticated…

  • CVE-2024-0595MedFeb 10, 2024
    risk 0.28cvss 4.3epss 0.00

    The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wpas_get_users() function hooked via AJAX in all versions up to, and including, 6.1.7. This makes it possible for…

  • CVE-2023-51538MedJan 5, 2024
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Awesome Support Team Awesome Support – WordPress HelpDesk & Support Plugin.This issue affects Awesome Support – WordPress HelpDesk & Support Plugin: from n/a through 6.1.5.

  • CVE-2023-48323MedNov 30, 2023
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Awesome Support Team Awesome Support – WordPress HelpDesk & Support Plugin allows Cross Site Request Forgery.This issue affects Awesome Support – WordPress HelpDesk & Support Plugin: from n/a through 6.1.4.

  • CVE-2026-4654MedApr 8, 2026
    risk 0.27cvss 5.3epss 0.00

    The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 6.3.7. This is due to the wpas_get_ticket_replies_ajax() function failing to verify whether the authenticated user…

  • CVE-2023-51537Jun 12, 2024
    risk 0.00cvss epss 0.00

    Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.5.

  • CVE-2024-35741Jun 10, 2024
    risk 0.00cvss epss 0.00

    Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.7.

  • CVE-2024-24716Jun 9, 2024
    risk 0.00cvss epss 0.00

    Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.6.

  • CVE-2024-30539Jun 9, 2024
    risk 0.00cvss epss 0.00

    Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.7.

  • CVE-2022-38073Sep 21, 2022
    risk 0.00cvss epss 0.00

    Multiple Authenticated (custom specific plugin role) Persistent Cross-Site Scripting (XSS) vulnerability in Awesome Support plugin <= 6.0.7 at WordPress.