cleantalk
Vulnerabilities and Security Researches

Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin, CVE-2024-13568

CVE, Research URL

CVE-2024-13568

Home page URL

Security reports for Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin

Application

Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin

Published on
Mar 01, 2025
Research Description
The Fluent Support – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.5 via the 'fluent-support' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads/fluent-support directory which can contain file attachments included in support tickets.
Affected versions
Min -, max 1.8.6.
Status
vulnerable
Previous vulnerability researches
Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin (CVE-2023-51547) , Jun 07, 2024
Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin (CVE-2022-2559) , Jun 07, 2024
Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin (CVE-2024-47304) , Sep 28, 2024
Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin (CVE-2024-47302) , Sep 28, 2024
Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin (CVE-2025-57885) , Aug 24, 2025
New vulnerability
Ni WooCommerce Customer Product Report (CVE-2025-7827) , Aug 25, 2025
Ogulo – 360° Tour (CVE-2025-9131) , Aug 25, 2025
JS Archive List Widget (CVE-2025-54726) , Aug 25, 2025
WordPress Job Board and Recruitment Plugin – JobWP (CVE-2025-57895) , Aug 25, 2025
Wptobe-memberships (CVE-2025-9048) , Aug 25, 2025