cleantalk
Vulnerabilities and Security Researches

KB Support – WordPress Help Desk and Knowledge Base, CVE-2023-37890

CVE, Research URL

CVE-2023-37890

Home page URL

Security reports for KB Support – WordPress Help Desk and Knowledge Base

Application

KB Support – WordPress Help Desk and Knowledge Base

Published on
Nov 30, 2023
Research Description
Missing Authorization vulnerability in WPOmnia KB Support – WordPress Help Desk and Knowledge Base allows Accessing Functionality Not Properly Constrained by ACLs. Users with a role as low as a subscriber can view other customers.This issue affects KB Support – WordPress Help Desk and Knowledge Base: from n/a through 1.5.88.
Affected versions
Min -, max 1.5.89.
Status
vulnerable
Previous vulnerability researches
KB Support – WordPress Help Desk and Knowledge Base (CVE-2023-25983) , Jun 07, 2024
KB Support – WordPress Help Desk and Knowledge Base (CVE-2023-37890) , Jun 07, 2024
KB Support – WordPress Help Desk and Knowledge Base (CVE-2024-33589) , Jun 07, 2024
KB Support – WordPress Help Desk and Knowledge Base (CVE-2022-27852) , Jun 07, 2024
KB Support – WordPress Help Desk and Knowledge Base (CVE-2024-8632) , Oct 02, 2024
New vulnerability
Forminator – Contact Form, Payment Form & Custom Form Builder (CVE-2025-3487) , Apr 18, 2025
Forminator – Contact Form, Payment Form & Custom Form Builder (CVE-2025-3479) , Apr 18, 2025
WPAdverts – Classifieds Plugin (CVE-2025-39576) , Apr 18, 2025
Checkout Files Upload for WooCommerce (CVE-2025-39520) , Apr 18, 2025
Password Protected – Ultimate Plugin to Password Protect Your WordPress Content with Ease (CVE-2025-3453) , Apr 18, 2025