SQL Injection Vulnerabilities in Support Ticket System Plugin for WordPress
CVE-2015-7670 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Multiple SQL injection vulnerabilities in includes/update.php in the Support Ticket System plugin before 1.2.1 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) id parameter.
Learn more about our Wordpress Pen Testing.