SQL Injection Vulnerabilities in Support Ticket System Plugin for WordPress

CVE-2015-7670 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in includes/update.php in the Support Ticket System plugin before 1.2.1 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) id parameter.

Learn more about our Wordpress Pen Testing.