cleantalk
Vulnerabilities and Security Researches

Ruby Help Desk, CVE-2023-1125

CVE, Research URL

CVE-2023-1125

Home page URL

Security reports for Ruby Help Desk

Application

Ruby Help Desk

Published on
May 02, 2023
Research Description
The Ruby Help Desk WordPress plugin before 1.3.4 does not ensure that the ticket being modified belongs to the user making the request, allowing an attacker to close and/or add files and replies to tickets other than their own.
Affected versions
Min -, max 1.3.4.
Status
vulnerable
Previous vulnerability researches
Ruby Help Desk (CVE-2023-1125) , Jun 07, 2024
New vulnerability
YITH PayPal Express Checkout for WooCommerce (CVE-2025-48111) , Jun 18, 2025
WordPress Infinite Scroll – Ajax Load More (CVE-2025-4775) , Jun 18, 2025
PostaPanduri (CVE-2025-49452) , Jun 18, 2025
Ivory Search – WordPress Search Plugin (CVE-2025-5209) , Jun 18, 2025
Drag and Drop Multiple File Upload – Contact Form 7 (CVE-2025-3515) , Jun 18, 2025