HarborGuard / CVE
Back to search
HIGHCVE-2026-32522Published Modified CNA Patchstack

CVE-2026-32522: WordPress WooCommerce Support Ticket System plugin < 18.5 - Arbitrary File Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vanquish WooCommerce Support Ticket System woocommerce-support-ticket-system allows Path Traversal.This issue affects WooCommerce Support Ticket System: from n/a through < 18.5.

Metrics

CVSS v3.1
8.6
Severity
HIGH
Fixed in
Affected Products
1
Affected packages
  • vanquish / WooCommerce Support Ticket System
    ≤ < 18.5
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
References