WordPress Plugin Vulnerabilities

Awesome Support < 3.1.7 - XSS & Shortcodes Allowed in Replies

Description

The Awesome Support – WordPress HelpDesk & Support Plugin WordPress plugin was affected by a XSS & Shortcodes Allowed in Replies security vulnerability.

Affects Plugins

Plugin icon
awesome-support
Fixed in 3.1.7

References

CVE
CVE-2015-9317
CVE
CVE-2015-9318

Miscellaneous

Original Researcher
Anton Kulpinov
Verified
No
WPVDB ID
773d6361-1925-4ca6-9e7c-2d6ea7e1af6a

Timeline

Publicly Published
2015-05-15 (about 10 years ago)
Added
2019-08-21 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2019-05-22
Title
User Email Verification for WooCommerce < 3.4.0 - CSRF leading to Option Update
Published
2015-04-02
Title
Simple Ads Manager < 2.7.102 - Arbitrary File Upload & SQL Injection
Published
2015-05-15
Title
My Calendar <= 2.3.29 - Arbitrary File Override & Reflected XSS
Published
2016-05-18
Title
Fluid Responsive Slideshow <= 2.2.6 - CSRF & XSS
Published
2015-08-04
Title
WP Accurate Form Data <= 1.2 - Cross-Site Scripting (XSS) & CSRF