CVE-2026-11590

The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not sanitize user-supplied array keys before using them in a SQL statement, allowing unauthenticated users to perform SQL injection attacks.
Configurations

No configuration.

History

30 Jun 2026, 15:16

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.6

30 Jun 2026, 07:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-06-30 07:16

Updated : 2026-06-30 15:16


NVD link : CVE-2026-11590

Mitre link : CVE-2026-11590

CVE.ORG link : CVE-2026-11590


JSON object : View

Products Affected

No product.

CWE

No CWE.