Primary

Context

Fluent Support WordPress Plugin Sensitive Information Exposure Vulnerability

Vulnerability

A vulnerability allowing sensitive information exposure has been identified in the Fluent Support – Helpdesk & Customer Support Ticket System plugin for WordPress. This issue affects all versions through 1.8.5. The vulnerability arises from an unprotected directory within the plugin, which allows unauthenticated attackers to access sensitive data, including file attachments from support tickets, stored in the '/wp-content/uploads/fluent-support' directory.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information, such as private file attachments included in support tickets.

Remediation

Users are advised to update the Fluent Support WordPress plugin to version 1.8.6 or a newer patched version.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.1

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.1

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Fluent Support WordPress Plugin Sensitive Information Exposure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating