Vulnerability CVE-2023-5355
Published: 2023-11-06

Description:
The Awesome Support WordPress plugin before 6.1.5 does not sanitize file paths when deleting temporary attachment files, allowing a ticket submitter to delete arbitrary files on the server.

Type:

CWE-284

 (Improper Access Control)

 References:
https://wpscan.com/vulnerability/d6f7faca-dacf-4455-a837-0404803d0f25
Copyright 2026, cxsecurity.com

 

Back to Top