Refine your search
10 vulnerabilities found for by ELEXtensions
CVE-2025-9343 (GCVE-0-2025-9343)
Vulnerability from cvelistv5
Published
2025-12-21 03:20
Modified
2025-12-22 16:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ticket subjects in all versions up to, and including, 3.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| elextensions | ELEX WordPress HelpDesk & Customer Ticketing System |
Version: * ≤ 3.3.4 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9343",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-22T16:49:14.561892Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T16:49:21.868Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ELEX WordPress HelpDesk \u0026 Customer Ticketing System",
"vendor": "elextensions",
"versions": [
{
"lessThanOrEqual": "3.3.4",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Athiwat Tiprasaharn"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ELEX WordPress HelpDesk \u0026 Customer Ticketing System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ticket subjects in all versions up to, and including, 3.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-21T03:20:04.135Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/042d9bc7-50ea-4585-9789-b10ed40b0d14?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3420695%40elex-helpdesk-customer-support-ticket-system\u0026new=3420695%40elex-helpdesk-customer-support-ticket-system\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-17T06:17:54.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-12-20T14:59:55.000+00:00",
"value": "Disclosed"
}
],
"title": "ELEX WordPress HelpDesk \u0026 Customer Ticketing System \u003c= 3.3.4 - Unauthenticated Stored Cross-Site Scripting"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-9343",
"datePublished": "2025-12-21T03:20:04.135Z",
"dateReserved": "2025-08-22T13:33:09.992Z",
"dateUpdated": "2025-12-22T16:49:21.868Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13534 (GCVE-0-2025-13534)
Vulnerability from cvelistv5
Published
2025-12-02 08:24
Modified
2025-12-02 15:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-269 - Improper Privilege Management
Summary
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.3.2. This is due to missing authorization checks on the eh_crm_edit_agent AJAX action. This makes it possible for authenticated attackers, with Contributor-level access and above, to escalate their WSDesk privileges from limited "Reply Tickets" permissions to full helpdesk administrator capabilities, gaining unauthorized access to ticket management, settings configuration, agent administration, and sensitive customer data.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| elextensions | ELEX WordPress HelpDesk & Customer Ticketing System |
Version: * ≤ 3.3.2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13534",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-02T15:29:25.124421Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T15:29:31.663Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ELEX WordPress HelpDesk \u0026 Customer Ticketing System",
"vendor": "elextensions",
"versions": [
{
"lessThanOrEqual": "3.3.2",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Athiwat Tiprasaharn"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ELEX WordPress HelpDesk \u0026 Customer Ticketing System plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.3.2. This is due to missing authorization checks on the eh_crm_edit_agent AJAX action. This makes it possible for authenticated attackers, with Contributor-level access and above, to escalate their WSDesk privileges from limited \"Reply Tickets\" permissions to full helpdesk administrator capabilities, gaining unauthorized access to ticket management, settings configuration, agent administration, and sensitive customer data."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T08:24:53.698Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3541794b-7c8a-42f8-9688-7f3dbbb08e58?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/elex-helpdesk-customer-support-ticket-system/trunk/includes/class-crm-ajax-functions-two.php#L9"
},
{
"url": "https://plugins.trac.wordpress.org/browser/elex-helpdesk-customer-support-ticket-system/tags/3.3.2/includes/class-crm-ajax-functions-two.php#L9"
},
{
"url": "https://plugins.trac.wordpress.org/browser/stm-gallery/trunk/stmgallery_v.0.9.php#L121"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-11-21T21:38:59.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-12-01T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "ELEX WordPress HelpDesk \u0026 Customer Ticketing System \u003c= 3.3.2 - Authenticated (Contributor+) Privilege Escalation via eh_crm_edit_agent AJAX Action"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-13534",
"datePublished": "2025-12-02T08:24:53.698Z",
"dateReserved": "2025-11-21T21:23:47.412Z",
"dateUpdated": "2025-12-02T15:29:31.663Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10039 (GCVE-0-2025-10039)
Vulnerability from cvelistv5
Published
2025-11-21 12:28
Modified
2025-11-21 13:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Summary
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.2.9 via the 'eh_crm_ticket_single_view_client' due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of all support tickets.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| elextensions | ELEX WordPress HelpDesk & Customer Ticketing System |
Version: * ≤ 3.2.9 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10039",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-21T13:23:42.926190Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T13:24:30.036Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ELEX WordPress HelpDesk \u0026 Customer Ticketing System",
"vendor": "elextensions",
"versions": [
{
"lessThanOrEqual": "3.2.9",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Athiwat Tiprasaharn"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ELEX WordPress HelpDesk \u0026 Customer Ticketing System plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.2.9 via the \u0027eh_crm_ticket_single_view_client\u0027 due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of all support tickets."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T12:28:10.054Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d9ffc0af-9c3d-4f8e-ae0b-e51c0c67dfe1?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/elex-helpdesk-customer-support-ticket-system/trunk/includes/class-crm-ajax-functions.php#L259"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3391342/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-17T06:17:55.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-11-20T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "ELEX WordPress HelpDesk \u0026 Customer Ticketing System \u003c= 3.2.9 - Authenticated (Subscriber+) Insecure Direct Object Reference via \u0027eh_crm_ticket_single_view_client\u0027"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-10039",
"datePublished": "2025-11-21T12:28:10.054Z",
"dateReserved": "2025-09-05T17:36:58.320Z",
"dateUpdated": "2025-11-21T13:24:30.036Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10054 (GCVE-0-2025-10054)
Vulnerability from cvelistv5
Published
2025-11-21 12:28
Modified
2025-11-21 17:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-862 - Missing Authorization
Summary
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'eh_crm_remove_agent' function in all versions up to, and including, 3.3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to remove the role and capabilities of any user with an Administrator, WSDesk Supervisor, or WSDesk Agents role.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| elextensions | ELEX WordPress HelpDesk & Customer Ticketing System |
Version: * ≤ 3.3.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10054",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-21T17:44:01.342305Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T17:44:39.824Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ELEX WordPress HelpDesk \u0026 Customer Ticketing System",
"vendor": "elextensions",
"versions": [
{
"lessThanOrEqual": "3.3.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michelle Porter"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ELEX WordPress HelpDesk \u0026 Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the \u0027eh_crm_remove_agent\u0027 function in all versions up to, and including, 3.3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to remove the role and capabilities of any user with an Administrator, WSDesk Supervisor, or WSDesk Agents role."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T12:28:07.818Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/07c92f79-94ac-4153-9ab2-9608601508b0?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/elex-helpdesk-customer-support-ticket-system/trunk/includes/class-crm-ajax-functions-two.php#L77"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3399391/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-17T06:17:54.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-11-20T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "ELEX WordPress HelpDesk \u0026 Customer Ticketing System \u003c= 3.3.1 - Missing Authorization to Authenticated (Subscriber+) Role Removal"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-10054",
"datePublished": "2025-11-21T12:28:07.818Z",
"dateReserved": "2025-09-05T19:23:46.309Z",
"dateUpdated": "2025-11-21T17:44:39.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11456 (GCVE-0-2025-11456)
Vulnerability from cvelistv5
Published
2025-11-21 07:31
Modified
2025-11-24 18:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Summary
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the eh_crm_new_ticket_post() function in all versions up to, and including, 3.3.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| elextensions | ELEX WordPress HelpDesk & Customer Ticketing System |
Version: * ≤ 3.3.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11456",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-21T16:14:24.165349Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T18:03:39.629Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ELEX WordPress HelpDesk \u0026 Customer Ticketing System",
"vendor": "elextensions",
"versions": [
{
"lessThanOrEqual": "3.3.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ifoundbug"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ELEX WordPress HelpDesk \u0026 Customer Ticketing System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the eh_crm_new_ticket_post() function in all versions up to, and including, 3.3.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site\u0027s server which may make remote code execution possible."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T07:31:53.625Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a6f362c1-fe64-4be1-9713-14c0561a59ce?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/elex-helpdesk-customer-support-ticket-system/trunk/includes/class-crm-ajax-functions-three.php?rev=3332203"
},
{
"url": "https://wordpress.org/plugins/elex-helpdesk-customer-support-ticket-system/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3399391/elex-helpdesk-customer-support-ticket-system/trunk/includes/class-crm-ajax-functions-three.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-07T18:23:04.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-11-20T18:41:00.000+00:00",
"value": "Disclosed"
}
],
"title": "ELEX WordPress HelpDesk \u0026 Customer Ticketing System \u003c= 3.3.1 - Unauthenticated Arbitrary File Upload"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-11456",
"datePublished": "2025-11-21T07:31:53.625Z",
"dateReserved": "2025-10-07T18:07:44.972Z",
"dateUpdated": "2025-11-24T18:03:39.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12169 (GCVE-0-2025-12169)
Vulnerability from cvelistv5
Published
2025-11-21 05:32
Modified
2025-11-21 14:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-862 - Missing Authorization
Summary
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp_ajax_eh_crm_settings_empty_scheduled_actions' AJAX Action in all versions up to, and including, 3.3.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to clear the scheduled triggers option.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| elextensions | ELEX WordPress HelpDesk & Customer Ticketing System |
Version: * ≤ 3.3.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12169",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-21T14:48:13.175107Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T14:58:26.045Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ELEX WordPress HelpDesk \u0026 Customer Ticketing System",
"vendor": "elextensions",
"versions": [
{
"lessThanOrEqual": "3.3.0",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abhirup Konwar"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ELEX WordPress HelpDesk \u0026 Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the \u0027wp_ajax_eh_crm_settings_empty_scheduled_actions\u0027 AJAX Action in all versions up to, and including, 3.3.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to clear the scheduled triggers option."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T05:32:07.823Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae2ac493-e6df-4083-8601-65635ad342b2?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3391816"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-24T14:42:58.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-11-20T16:58:00.000+00:00",
"value": "Disclosed"
}
],
"title": "ELEX WordPress HelpDesk \u0026 Customer Ticketing System \u003c= 3.3.0 - Missing Authorization to Authenitcated (Subscriber+) to Scheduled Trigger Deletion"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-12169",
"datePublished": "2025-11-21T05:32:07.823Z",
"dateReserved": "2025-10-24T14:27:50.723Z",
"dateUpdated": "2025-11-21T14:58:26.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12022 (GCVE-0-2025-12022)
Vulnerability from cvelistv5
Published
2025-11-21 05:32
Modified
2025-11-21 14:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-862 - Missing Authorization
Summary
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'eh_crm_settings_restore_trash' AJAX endpoint in all versions up to, and including, 3.3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to restore all deleted tickets.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| elextensions | ELEX WordPress HelpDesk & Customer Ticketing System |
Version: * ≤ 3.3.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12022",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-21T14:48:14.184076Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T14:58:31.374Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ELEX WordPress HelpDesk \u0026 Customer Ticketing System",
"vendor": "elextensions",
"versions": [
{
"lessThanOrEqual": "3.3.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Athiwat Tiprasaharn"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ELEX WordPress HelpDesk \u0026 Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the \u0027eh_crm_settings_restore_trash\u0027 AJAX endpoint in all versions up to, and including, 3.3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to restore all deleted tickets."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T05:32:06.379Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/982b23c5-2414-48f7-a2f5-96fef54f8d69?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3399391/elex-helpdesk-customer-support-ticket-system/trunk/includes/class-crm-archive-ajax-functions.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-21T14:59:53.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-11-20T16:58:48.000+00:00",
"value": "Disclosed"
}
],
"title": "ELEX WordPress HelpDesk \u0026 Customer Ticketing System \u003c= 3.3.1 - Missing Authorization to Authenticated (Subscriber+) Trash Restore"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-12022",
"datePublished": "2025-11-21T05:32:06.379Z",
"dateReserved": "2025-10-21T14:44:41.416Z",
"dateUpdated": "2025-11-21T14:58:31.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12085 (GCVE-0-2025-12085)
Vulnerability from cvelistv5
Published
2025-11-21 05:32
Modified
2025-11-21 14:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-862 - Missing Authorization
Summary
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'eh_crm_settings_empty_trash' function in all versions up to, and including, 3.3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to empty the ticket trash.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| elextensions | ELEX WordPress HelpDesk & Customer Ticketing System |
Version: * ≤ 3.3.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12085",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-21T14:48:14.935567Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T14:58:36.778Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ELEX WordPress HelpDesk \u0026 Customer Ticketing System",
"vendor": "elextensions",
"versions": [
{
"lessThanOrEqual": "3.3.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Athiwat Tiprasaharn"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ELEX WordPress HelpDesk \u0026 Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the \u0027eh_crm_settings_empty_trash\u0027 function in all versions up to, and including, 3.3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to empty the ticket trash."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T05:32:05.922Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/89696d1c-8e6e-402a-9d7a-03fe0f364a72?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3399391/elex-helpdesk-customer-support-ticket-system/trunk/includes/class-crm-ajax-functions-two.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-22T18:11:54.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-11-20T17:00:40.000+00:00",
"value": "Disclosed"
}
],
"title": "ELEX WordPress HelpDesk \u0026 Customer Ticketing System \u003c= 3.3.1 - Missing Authorization to Authenticated (Subscriber+) Trash Empty"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-12085",
"datePublished": "2025-11-21T05:32:05.922Z",
"dateReserved": "2025-10-22T17:56:36.006Z",
"dateUpdated": "2025-11-21T14:58:36.778Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12023 (GCVE-0-2025-12023)
Vulnerability from cvelistv5
Published
2025-11-21 05:32
Modified
2025-11-21 14:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-862 - Missing Authorization
Summary
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the eh_crm_restore_data() function in all versions up to, and including, 3.3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to restore tickets.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| elextensions | ELEX WordPress HelpDesk & Customer Ticketing System |
Version: * ≤ 3.3.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12023",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-21T14:48:15.564495Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T14:58:42.480Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ELEX WordPress HelpDesk \u0026 Customer Ticketing System",
"vendor": "elextensions",
"versions": [
{
"lessThanOrEqual": "3.3.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Athiwat Tiprasaharn"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ELEX WordPress HelpDesk \u0026 Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the eh_crm_restore_data() function in all versions up to, and including, 3.3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to restore tickets."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T05:32:05.530Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4599b145-cb89-48d4-8581-e1ee7a7bd323?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3399391/elex-helpdesk-customer-support-ticket-system/trunk/includes/class-crm-ajax-functions.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-21T15:01:57.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-11-20T17:01:39.000+00:00",
"value": "Disclosed"
}
],
"title": "ELEX WordPress HelpDesk \u0026 Customer Ticketing System \u003c= 3.3.1 - Missing Authorization to Authenticated (Subscriber+) Ticket Restore"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-12023",
"datePublished": "2025-11-21T05:32:05.530Z",
"dateReserved": "2025-10-21T14:46:47.792Z",
"dateUpdated": "2025-11-21T14:58:42.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12751 (GCVE-0-2025-12751)
Vulnerability from cvelistv5
Published
2025-11-19 05:45
Modified
2025-11-19 20:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-862 - Missing Authorization
Summary
The WSChat – WordPress Live Chat plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'reset_settings' AJAX endpoint in all versions up to, and including, 3.1.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to reset the plugin's settings.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| elextensions | WSChat – WordPress Live Chat |
Version: * ≤ 3.1.6 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12751",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-19T20:17:18.587081Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T20:17:52.648Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSChat \u2013 WordPress Live Chat",
"vendor": "elextensions",
"versions": [
{
"lessThanOrEqual": "3.1.6",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Powpy"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WSChat \u2013 WordPress Live Chat plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the \u0027reset_settings\u0027 AJAX endpoint in all versions up to, and including, 3.1.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to reset the plugin\u0027s settings."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T05:45:11.235Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0be6658d-aec8-404c-a994-bde10a3cdbac?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3395773%40wschat-live-chat\u0026new=3395773%40wschat-live-chat\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-11-05T15:20:47.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-11-18T17:25:44.000+00:00",
"value": "Disclosed"
}
],
"title": "WSChat \u2013 WordPress Live Chat \u003c= 3.1.6 - Missing Authorization to Authenticated (Subscriber+) Settings Reset"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-12751",
"datePublished": "2025-11-19T05:45:11.235Z",
"dateReserved": "2025-11-05T15:05:39.124Z",
"dateUpdated": "2025-11-19T20:17:52.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}