WordPress Supportcandy Vulnerabilities
Wordpress Supportcandy vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Authentication Bypass in SupportCandy Plugin for WordPress
CVE-2025-10658WordPressSupportcandy β Helpdes...6.5MEDIUMInsecure Direct Object Reference in SupportCandy Helpdesk Ticket System for WordPress
CVE-2024-13552WordPressSupportcandy β Helpdes...4.3MEDIUMSupportCandy Stored XSS Vulnerability
CVE-2024-27991WordPressSupportcandy6.5MEDIUMSupportCandy < 3.1.7 - Subscriber+ SQLi
CVE-2023-2719WordpressSupportcandy8.8HIGHSupportCandy < 3.1.7 - Admin+ SQLi
CVE-2023-2805WordpressSupportcandy7.2HIGHSupportCandy < 3.1.5 - Unauthenticated SQLi
CVE-2023-1730WordpressSupportcandyπΎπ‘EPSS 77%9.8CRITICALSupportCandy < 2.2.7 - Contributor+ Stored Cross-Site Scripting
CVE-2021-24880WordpressSupportcandy β Helpdes...5.4MEDIUMSupportCandy < 2.2.7 - CSRF to Cross-Site Scripting
CVE-2021-24879WordpressSupportcandy β Helpdes...8.8HIGHSupportCandy < 2.2.7 - Arbitrary Ticket Deletion via CSRF
CVE-2021-24843WordpressSupportcandy β Helpdes...6.5MEDIUMSupportCandy < 2.2.7 - Reflected Cross-Site Scripting
CVE-2021-24878WordpressSupportcandy β Helpdes...6.1MEDIUMSupportCandy < 2.2.5 - Unauthenticated Arbitrary Ticket Deletion
CVE-2021-24839WordpressSupportcandy β Helpdes...7.5HIGHUnrestricted File Upload Vulnerability in SupportCandy Plugin for WordPress
CVE-2019-11223WordpressSupportcandyπΎπ‘EPSS 45%9.8CRITICAL