Project Subscriptions
No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Wed, 01 Jul 2026 10:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Wordpress
Wordpress wordpress Wpsupportplus Wpsupportplus wp Support Plus Responsive Ticket System |
|
| Vendors & Products |
Wordpress
Wordpress wordpress Wpsupportplus Wpsupportplus wp Support Plus Responsive Ticket System |
Tue, 30 Jun 2026 16:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-20 CWE-89 |
Tue, 30 Jun 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Tue, 30 Jun 2026 07:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not sanitize user-supplied array keys before using them in a SQL statement, allowing unauthenticated users to perform SQL injection attacks. | |
| Title | WP Support Plus Responsive Ticket System <= 9.1.2 - Unauthenticated SQL Injection via filter[elements] Array Keys | |
| References |
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: WPScan
Published:
Updated: 2026-06-30T14:23:36.734Z
Reserved: 2026-06-08T13:39:48.524Z
Link: CVE-2026-11590
Updated: 2026-06-30T14:23:21.528Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-01T09:45:03Z