CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-13552: SupportCandy – Helpdesk & Customer Support Ticket System <= 3.3.0 - Insecure Direct Object Reference

4.3 CVSS

Description

The SupportCandy – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.3.0 via file upload due to missing validation on a user controlled key. This makes it possible for authenticated attackers to download attachments for support tickets that don't belong to them. If an admin enables tickets for guests, this can be exploited by unauthenticated attackers.

Classification

CVE ID: CVE-2024-13552

CVSS Base Severity: MEDIUM

CVSS Base Score: 4.3

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Problem Types

CWE-285 Improper Authorization

Affected Products

Vendor: supportcandy

Product: SupportCandy – Helpdesk & Customer Support Ticket System

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.02% (probability of being exploited)

EPSS Percentile: 3.26% (scored less or equal to compared to others)

EPSS Date: 2025-04-05 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2024-13552
https://www.wordfence.com/threat-intel/vulnerabilities/id/13f87248-cc0b-4351-b79d-6efc5190b021?source=cve
https://plugins.trac.wordpress.org/browser/supportcandy/trunk/includes/admin/tickets/class-wpsc-new-ticket.php#L395
https://plugins.trac.wordpress.org/changeset/3235142/supportcandy/trunk?old=3188306&old_path=%2Fsupportcandy%2Ftrunk

Timeline

2025-03-07 10:40:12 UTC
CVE

SupportCandy – Helpdesk & Customer Support Ticket System <= 3.3.0 - Insecure Direct Object Reference