The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not sanitize user-supplied array keys before using them in a SQL statement, allowing unauthenticated users to perform SQL injection attacks.
References
Configurations
No configuration.
History
30 Jun 2026, 15:16
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.6 |
30 Jun 2026, 07:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-06-30 07:16
Updated : 2026-06-30 15:16
NVD link : CVE-2026-11590
Mitre link : CVE-2026-11590
CVE.ORG link : CVE-2026-11590
JSON object : View
Products Affected
No product.
CWE
No CWE.
