cleantalk
Vulnerabilities and Security Researches

ELEX WordPress HelpDesk & Customer Ticketing System, CVE-2025-47658

CVE, Research URL

CVE-2025-47658

Home page URL

Security reports for ELEX WordPress HelpDesk & Customer Ticketing System

Application

ELEX WordPress HelpDesk & Customer Ticketing System

Published on
May 23, 2025
Research Description
Unrestricted Upload of File with Dangerous Type vulnerability in ELEXtensions ELEX WordPress HelpDesk & Customer Ticketing System allows Upload a Web Shell to a Web Server. This issue affects ELEX WordPress HelpDesk & Customer Ticketing System: from n/a through 3.2.7.
Affected versions
max 3.2.7.
Status
vulnerable
Previous vulnerability researches
ELEX WordPress HelpDesk & Customer Ticketing System (CVE-2024-12171) , Feb 02, 2025
ELEX WordPress HelpDesk & Customer Ticketing System (CVE-2025-47658) , May 14, 2025
New vulnerability
FileBird – WordPress Media Library Folders & File Manager (CVE-2025-11510) , Oct 29, 2025
WordPress Webinar Plugin – WebinarPress (CVE-2025-62972) , Oct 29, 2025
Genealogical Tree – WordPress Family Tree (CVE-2025-58023) , Oct 12, 2025
WPB Quick View Popup for WooCommerce – Display Product Informations in Popup on Button Click (CVE-2025-57967) , Oct 12, 2025
Mixtape (CVE-2025-9860) , Oct 12, 2025