Skip to main content

Support Ticket Management System

1 CVEs product

Monthly

CVE-2025-69179 CRITICAL Act Now

Privilege escalation in the Support Ticket Management System WordPress plugin (versions 1.9 and earlier) by Theme Passion allows remote unauthenticated attackers to elevate privileges on affected WordPress sites. With a CVSS 3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N) and no public exploit identified at time of analysis, the flaw maps to CWE-266 (Incorrect Privilege Assignment) and is tracked in the Patchstack database. Successful exploitation likely yields administrator-level access to the WordPress instance, enabling full site takeover.

Privilege Escalation Support Ticket Management System
NVD
CVSS 3.1
9.8
EPSS
0.4%
EPSS 0% CVSS 9.8
CRITICAL Act Now

Privilege escalation in the Support Ticket Management System WordPress plugin (versions 1.9 and earlier) by Theme Passion allows remote unauthenticated attackers to elevate privileges on affected WordPress sites. With a CVSS 3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N) and no public exploit identified at time of analysis, the flaw maps to CWE-266 (Incorrect Privilege Assignment) and is tracked in the Patchstack database. Successful exploitation likely yields administrator-level access to the WordPress instance, enabling full site takeover.

Privilege Escalation Support Ticket Management System
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy