cleantalk
Vulnerabilities and Security Researches

Majestic Support – Help Desk & Support Plugin, CVE-2024-13600

CVE, Research URL

CVE-2024-13600

Home page URL

Security reports for Majestic Support – Help Desk & Support Plugin

Application

Majestic Support – Help Desk & Support Plugin

Published on
Feb 12, 2025
Research Description
The Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.5 via the 'majesticsupportdata' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads/majesticsupportdata directory which can contain file attachments included in support tickets.
Affected versions
Min -, max 1.0.6.
Status
vulnerable
Previous vulnerability researches
Premium Addons for Elementor (CVE-2024-6495) , Jul 13, 2024
Premium Addons for Elementor (CVE-2024-56225) , Dec 23, 2024
Premium Addons for Elementor (CVE-2024-2664) , Jun 07, 2024
Premium Addons for Elementor (CVE-2021-24257) , Jun 07, 2024
Premium Addons for Elementor (CVE-2024-1242) , Jun 07, 2024
New vulnerability
TablePress – Tables in WordPress made easy (CVE-2024-45293) , May 07, 2025
Newsletter – Send awesome emails from WordPress (CVE-2025-3583) , May 07, 2025
Insert PHP Code Snippet (CVE-2024-43275) , May 07, 2025
Gutenverse – Gutenberg Blocks – Page Builder for Site Editor (CVE-2024-38785) , May 07, 2025
Section Widget (CVE-2025-46537) , May 07, 2025