AI Score
Confidence
High
EPSS
Percentile
45.9%
Cross-site scripting (XSS) vulnerability in the SupportEzzy Ticket System plugin 1.2.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the “URL (optional)” field in a new ticket.
packetstormsecurity.com/files/129103/WordPress-SupportEzzy-Ticket-System-1.2.5-Cross-Site-Scripting.html