The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not sign or verify its guest-session cookie, allowing unauthenticated attackers to forge it and impersonate any ticket owner (identified by email address) to read, reply to, and close that person's support tickets.
History

Mon, 13 Jul 2026 21:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-287

Mon, 13 Jul 2026 08:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-287

Sun, 12 Jul 2026 07:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-287

Sat, 11 Jul 2026 13:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-287
CWE-522

Fri, 10 Jul 2026 05:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-287
CWE-522

Thu, 09 Jul 2026 16:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 09 Jul 2026 07:00:00 +0000

Type Values Removed Values Added
Description The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not sign or verify its guest-session cookie, allowing unauthenticated attackers to forge it and impersonate any ticket owner (identified by email address) to read, reply to, and close that person's support tickets.
Title WP Support Plus Responsive Ticket System <= 9.1.2 - Unauthenticated Support Ticket Access via Session Cookie Forgery
References

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2026-07-09T06:00:02.497Z

Updated: 2026-07-09T14:44:24.978Z

Reserved: 2026-06-10T12:38:40.449Z

Link: CVE-2026-11875

cve-icon Vulnrichment

Updated: 2026-07-09T14:44:16.582Z

cve-icon NVD

No data.

cve-icon Redhat

No data.