WordPress Plugin Vulnerabilities

SupportEzzy Ticket System 1.2.5 - Cross Site Scripting

Description

The supportezzy WordPress plugin was affected by a Cross Site Scripting security vulnerability.

Affects Plugins

Plugin icon
supportezzy
No known fix

References

CVE
CVE-2014-9179
URL
https://packetstormsecurity.com/files/#129103/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
pvdl
Verified
No
WPVDB ID
9acc9567-eb84-48f1-94a0-35c61e8724cc

Timeline

Publicly Published
2014-11-13 (about 11 years ago)
Added
2014-11-13 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2025-08-05
Title
Gutenverse < 3.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text and Fun Fact Blocks
Published
2015-06-30
Title
NewStatPress <= 1.0.3 - Unauthenticated Stored Cross-Site Scripting (XSS)
Published
2026-02-17
Title
InteractiveCalculator for WordPress < 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute
Published
2024-03-20
Title
Popup Maker – Popup for opt-ins, lead gen, & more < 1.18.3 - Contributor+ Stored XSS
Published
2026-01-08
Title
AMP for WP < 1.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via SVG File Upload