Missing Authorization in Helpdesk Support Ticket System for WooCommerce by WPFactory
CVE-2026-23977
7.5HIGH
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 25 March 2026
What is CVE-2026-23977?
A Missing Authorization vulnerability exists in the Helpdesk Support Ticket System for WooCommerce plugin by WPFactory. This flaw allows unauthorized users to exploit incorrectly configured access control levels, resulting in potential unauthorized actions within the application. Versions affected include all up to 2.1.2, making it crucial for users to review their security configurations and apply necessary updates or patches. For detailed information, visit their official update page.
Affected Version(s)
Helpdesk Support Ticket System for WooCommerce 0 <= 2.1.2