CVE-2026-4654 | awesomesupport Awesome Support Plugin up to 6.3.7 on WordPress wpas_get_ticket_replies_ajax ticket_id authorization

Inserito da Angelo Barbosa | Apr 8, 2026 | CVE

A vulnerability was found in awesomesupport Awesome Support Plugin up to 6.3.7 on WordPress and classified as problematic. Affected by this issue is the function wpas_get_ticket_replies_ajax. Executing a manipulation of the argument ticket_id can lead to authorization bypass.

This vulnerability appears as CVE-2026-4654. The attack may be performed from remote. There is no available exploit.

It is suggested to upgrade the affected component.

CVE-2026-4654 | awesomesupport Awesome Support Plugin up to 6.3.7 on WordPress wpas_get_ticket_replies_ajax ticket_id authorization

Post correlati

CVE-2025-9704 | SourceCodester Water Billing System 1.0 /viewbill.php ID sql injection

CVE-2024-0557 | DedeBIZ 6.3.0 Website Copyright Setting cross site scripting

CVE-2024-22475 | Printer/Scanner Web Based Management cross-site request forgery

CVE-2025-11801 | AudioTube Plugin up to 0.0.3 on WordPress Shortcode caption cross site scripting