cleantalk
Vulnerabilities and Security Researches

Customer Service Software & Support Ticket System, CVE-2021-24622

CVE, Research URL

CVE-2021-24622

Home page URL

Security reports for Customer Service Software & Support Ticket System

Application

Customer Service Software & Support Ticket System

Published on
Oct 18, 2021
Research Description
The Customer Service Software & Support Ticket System WordPress plugin before 5.10.4 does not sanitize or escape form fields before outputting it in the List, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Affected versions
Min -, max 5.6.0.
Status
vulnerable
Previous vulnerability researches
Customer Service Software & Support Ticket System (CVE-2025-53584) , Aug 30, 2025
Customer Service Software & Support Ticket System (CVE-2021-24622) , Jun 07, 2024
New vulnerability
OSM Map Widget for Elementor (CVE-2025-8619) , Aug 30, 2025
Simple Page Access Restriction (CVE-2025-58202) , Aug 30, 2025
Chartbeat (CVE-2025-53250) , Aug 30, 2025
Table Editor (CVE-2025-48310) , Aug 30, 2025
WP Thumbtack Review Slider (CVE-2025-58216) , Aug 30, 2025