CVE-2025-5957 – “WordPress Guest Support Unauthenticated Ticket Deletion Vulnerability”

CVE ID : CVE-2025-5957

Published : July 8, 2025, 5:15 a.m. | 2 hours ago

Description : The Guest Support – Complete customer support ticket system for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ‘deleteMassTickets’ function in all versions up to, and including, 1.2.2. This makes it possible for unauthenticated attackers to delete arbitrary support tickets.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…