cleantalk
Vulnerabilities and Security Researches

Awesome Support – WordPress HelpDesk & Support Plugin, CVE-2023-5355

CVE, Research URL

CVE-2023-5355

Home page URL

Security reports for Awesome Support – WordPress HelpDesk & Support Plugin

Application

Awesome Support – WordPress HelpDesk & Support Plugin

Published on
Nov 07, 2023
Research Description
The Awesome Support WordPress plugin before 6.1.5 does not sanitize file paths when deleting temporary attachment files, allowing a ticket submitter to delete arbitrary files on the server.
Affected versions
Min -, max 6.1.5.
Status
vulnerable
Previous vulnerability researches
Awesome Support – WordPress HelpDesk & Support Plugin (CVE-2023-49757) , Jun 10, 2024
Awesome Support – WordPress HelpDesk & Support Plugin (CVE-2024-24716) , Jun 10, 2024
Awesome Support – WordPress HelpDesk & Support Plugin (CVE-2023-48324) , Jun 10, 2024
Awesome Support – WordPress HelpDesk & Support Plugin (CVE-2024-54289) , Dec 15, 2024
Awesome Support – WordPress HelpDesk & Support Plugin (CVE-2023-49857) , Dec 15, 2024
New vulnerability
Post Rating and Review (CVE-2025-6538) , Jun 27, 2025
WP Masonry & Infinite Scroll (CVE-2025-5488) , Jun 27, 2025
Modern Design Library (CVE-2025-5842) , Jun 27, 2025
FastBook – Responsive Appointment Booking and Scheduling System (CVE-2025-25173) , Jun 27, 2025
Zapier for WordPress (CVE-2025-50010) , Jun 27, 2025