Severity by source
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Remote unauthenticated low-complexity SQLi (AV:N/AC:L/PR:N/UI:N) with database-only read impact, so C:H and S:U rather than the vendor's S:C; I/A:N as no confirmed write/destruction.
Primary rating from Vendor (WPScan).
CVSS VectorVendor: WPScan
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Lifecycle Timeline
4DescriptionCVE.org
The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not sanitize user-supplied array keys before using them in a SQL statement, allowing unauthenticated users to perform SQL injection attacks.
Articles & Coverage 1
AnalysisAI
Unauthenticated SQL injection in the WP Support Plus Responsive Ticket System WordPress plugin (all versions through 9.1.2) lets remote attackers inject arbitrary SQL by abusing user-supplied array keys that are passed into a query without sanitization. Any unauthenticated visitor can extract sensitive database contents such as WordPress user records and password hashes. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | No special conditions beyond having the WP Support Plus Responsive Ticket System plugin (version ≤9.1.2) installed and active on a reachable WordPress site - exploitation is remote and unauthenticated (PR:N, UI:N) against default configurations. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | Signals are mixed. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An unauthenticated attacker sends a crafted HTTP request to a vulnerable WP Support Plus endpoint, supplying request parameters as PHP arrays whose KEY contains SQL syntax (e.g. a UNION or boolean/time-based blind payload). … |
| Remediation | No vendor-released patch or fixed version is identified in the available data for versions through 9.1.2, so a clean upgrade target cannot be confirmed; monitor the WordPress plugin repository and the WPScan advisory (https://wpscan.com/vulnerability/117853ca-0fd3-4bfa-ad60-799eb5c77bdf/) for a release above 9.1.2 and apply it immediately once published. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all WordPress instances using WP Support Plus Responsive Ticket System plugin and disable it on non-critical systems. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Pradeep Makone wordpress Support Plus Responsive Ticket System version 9.0.2 and earlier contains a SQL Injection vulner
Stored cross-site scripting in the WP Support Plus Responsive Ticket System WordPress plugin (all versions through 9.1.2
A stored cross-site scripting (XSS) vulnerability in the submit_ticket.php module in the WP Support Plus Responsive Tick
Cookie forgery in WP Support Plus Responsive Ticket System (WordPress plugin ≤9.1.2) allows unauthenticated network atta
The wp-support-plus-responsive-ticket-system plugin before 9.1.2 for WordPress has HTML injection. Rated medium severity
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-40263
GHSA-fjmg-grxw-25vg