Awesome Support – WordPress HelpDesk & Support Plugin

Vulnerabilities 31Slug awesome-supportLatest version 6.3.8WordPress.org →

Minimum safe version

6.3.8

Update to 6.3.8 or later to address 31 fixable vulnerabilities

Latest available6.3.8 ✓

N/A

2026-04-07< 6.3.8

Awesome Support <= 6.3.7 - Authenticated (Subscriber+) Insecure Direct Object Reference to Unauthorized Ticket Reply Access via 'ticket_id' Parameter

Wordfence CVE

Medium 6.5

2026-01-16< 6.3.7

CVE-2025-12641

CVE Wordfence

High 7.2

2025-09-22< 6.3.6

Awesome Support <= 6.3.5 - Authenticated (Support Manager+) PHP Object Injection

Wordfence EUVD CVE

Medium 5.3

2025-09-09< 6.3.7

CVE-2025-53340

CVE EUVD Wordfence

High 7.5

2025-04-01< 6.3.2

CVE-2024-13567

CVE EUVD Wordfence

Medium 6.5

2024-12-13< 6.3.2

CVE-2024-54289

CVE Wordfence Patchstack

High 8.8

2024-06-10< 6.1.8

CVE-2024-35741

CVE Patchstack

Critical 9.8

2024-06-09< 6.1.8

CVE-2024-30539

CVE Wordfence Patchstack WPScan

High 8.8

2024-02-10< 6.1.8

CVE-2024-0594

CVE Wordfence Patchstack WPScan

Medium 4.3

2024-02-10< 6.1.8

CVE-2024-0595

CVE Wordfence WPScan

Medium 5.3

2024-02-10< 6.1.8

CVE-2024-0596

CVE Wordfence WPScan

Medium 5.4

2024-06-09< 6.1.7

CVE-2024-24716

CVE Wordfence Patchstack WPScan

Medium 4.3

2024-12-27< 6.1.6

WordPress Awesome Support Plugin <= 6.1.5 is vulnerable to Cross Site Request Forgery (CSRF)

Patchstack CVE Wordfence WPScan

Medium 5.3

2024-12-27< 6.1.6

WordPress Awesome Support Plugin <= 6.1.5 is vulnerable to Broken Access Control

Patchstack CVE Wordfence WPScan

Medium 6.5

2024-12-09< 6.1.8

CVE-2023-49857

CVE Patchstack Wordfence Wordfence WPScan

Medium 5.4

2024-12-09< 6.1.11

CVE-2023-49757

CVE Patchstack Wordfence WPScan

Medium 5.4

2024-12-09< 6.1.5

CVE-2023-48324

CVE Patchstack Wordfence WPScan

Medium 4.3

2023-11-30< 6.1.5

CVE-2023-48323

CVE Patchstack Wordfence WPScan

High 8.1

2023-11-07< 6.1.5

WordPress Awesome Support Plugin < 6.1.5 is vulnerable to Arbitrary File Deletion

Patchstack CVE Wordfence WPScan

Medium 4.3

2023-11-07< 6.1.5

WordPress Awesome Support Plugin < 6.1.5 is vulnerable to Broken Access Control

Patchstack CVE Wordfence WPScan

Medium 6.1

2023-11-07< 6.1.5

WordPress Awesome Support Plugin < 6.1.5 is vulnerable to Cross Site Scripting (XSS)

Patchstack CVE Wordfence WPScan

Medium 6.5

2022-11-28< 6.1.2

CVE-2022-3511

CVE Patchstack Wordfence WPScan

Medium 5.4

2022-09-21< 6.0.8

CVE-2022-38073

CVE Patchstack Wordfence WPScan

N/A

2017-10-23< 4.3.2

WordPress Awesome Support plugin <= 4.3.1 - Authenticated Arbitrary File Viewing Vulnerability

Patchstack

N/A

2017-10-23< 4.3.2

WordPress Awesome Support plugin <= 4.3.1 - Authenticated Arbitrary File Deletion Vulnerability

Patchstack

N/A

2021-08-09< 6.0.9

WordPress Awesome Support plugin <= 6.0.8 - Reflected Cross-Site Scripting (XSS) vulnerability

Patchstack

High 7.5

2019-08-20< 3.1.7

CVE-2015-9318

CVE Wordfence WPScan

Medium 6.1

2019-08-20< 3.1.7

CVE-2015-9317

CVE Wordfence

Medium 4.8

2020-01-09< 6.0.14

CVE-2019-20181

CVE Patchstack Wordfence WPScan

Medium 6.1

2021-09-06< 6.0.11

CVE-2021-24435

CVE WPScan Wordfence

Medium 6.1

2021-11-26< 6.0.7

CVE-2021-36919

CVE Patchstack Wordfence WPScan