cleantalk
Vulnerabilities and Security Researches

Awesome Support – WordPress HelpDesk & Support Plugin, CVE-2023-5354

CVE, Research URL

CVE-2023-5354

Home page URL

Security reports for Awesome Support – WordPress HelpDesk & Support Plugin

Application

Awesome Support – WordPress HelpDesk & Support Plugin

Published on
Nov 07, 2023
Research Description
The Awesome Support WordPress plugin before 6.1.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
Affected versions
Min -, max 6.1.5.
Status
vulnerable
Previous vulnerability researches
Awesome Support – WordPress HelpDesk & Support Plugin (CVE-2023-49757) , Jun 10, 2024
Awesome Support – WordPress HelpDesk & Support Plugin (CVE-2024-24716) , Jun 10, 2024
Awesome Support – WordPress HelpDesk & Support Plugin (CVE-2023-48324) , Jun 10, 2024
Awesome Support – WordPress HelpDesk & Support Plugin (CVE-2024-54289) , Dec 15, 2024
Awesome Support – WordPress HelpDesk & Support Plugin (CVE-2023-49857) , Dec 15, 2024
New vulnerability
Woo Product Feed For Marketing Channels (CVE-2025-31377) , Apr 10, 2025
Easy custom css by webriti (CVE-2025-31395) , Apr 10, 2025
Checkout Mestres WP (CVE-2025-32695) , Apr 10, 2025
Request Call Back (CVE-2025-32483) , Apr 10, 2025
QR Master (CVE-2025-32116) , Apr 10, 2025