cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score CVE-2024-8632,https://securityvulnerability.io/vulnerability/CVE-2024-8632,Unauthorized Access to Replies in WordPress Help Desk and Knowledge Base Plugin,"The KB Support – WordPress Help Desk and Knowledge Base plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'kbs_ajax_load_front_end_replies' and 'kbs_ajax_mark_reply_as_read' functions in all versions up to, and including, 1.6.6. This makes it possible for unauthenticated attackers to read replies of any ticket, and mark any reply as read.",Wordpress,Kb Support – WordPress Help Desk And Knowledge Base,6.5,MEDIUM,0.0005200000014156103,false,,false,false,false,,false,false,2024-10-01T07:30:13.274Z,0 CVE-2024-8548,https://securityvulnerability.io/vulnerability/CVE-2024-8548,Authenticated Attackers Can Modify Tickets and Lose Data Due to Security Vulnerability,"The KB Support – WordPress Help Desk and Knowledge Base plugin is susceptible to a vulnerability that enables authenticated users, including those with Subscriber-level access and above, to execute unauthorized administrative actions. This vulnerability is caused by a missing capability check in several functions, leading to potential data loss and unauthorized changes. Attackers can respond to arbitrary support tickets, alter post statuses, delete posts, append notes to tickets, manipulate ticket statuses, and control ticket participants. As such, this vulnerability poses significant risks to user data integrity and overall plugin functionality.",Wordpress,Kb Support – WordPress Help Desk And Knowledge Base,8.1,HIGH,0.0014100000262260437,false,,false,false,false,,false,false,2024-10-01T07:30:12.789Z,0 CVE-2023-37890,https://securityvulnerability.io/vulnerability/CVE-2023-37890,WordPress KB Support Plugin <= 1.5.88 is vulnerable to Broken Access Control,"Missing Authorization vulnerability in WPOmnia KB Support – WordPress Help Desk and Knowledge Base allows Accessing Functionality Not Properly Constrained by ACLs. Users with a role as low as a subscriber can view other customers.This issue affects KB Support – WordPress Help Desk and Knowledge Base: from n/a through 1.5.88. ",Wordpress,KB Support – WordPress Help Desk and Knowledge Base,4.3,MEDIUM,0.0004799999878741801,false,,false,false,false,,false,false,2023-11-30T16:15:00.000Z,0