CVE-2026-1251 – SupportCandy – Helpdesk & Customer Support Ticket System

CVE ID : CVE-2026-1251

Published : Jan. 31, 2026, 6:39 a.m. | 33 minutes ago

Description : The SupportCandy – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.4.4 via the ‘add_reply’ function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with subscriber-level access and above, to steal file attachments uploaded by other users by specifying arbitrary attachment IDs in the ‘description_attachments’ parameter, re-associating those files to their own tickets and removing access from the original owners.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…