Subscriber Insecure Direct Object References (IDOR) in SupportCandy <= 3.4.6 versions.
Metrics
Affected Vendors & Products
References
History
Mon, 29 Jun 2026 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Fri, 26 Jun 2026 20:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Psm Plugins
Psm Plugins supportcandy Wordpress Wordpress wordpress |
|
| Vendors & Products |
Psm Plugins
Psm Plugins supportcandy Wordpress Wordpress wordpress |
Fri, 26 Jun 2026 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Subscriber Insecure Direct Object References (IDOR) in SupportCandy <= 3.4.6 versions. | |
| Title | WordPress SupportCandy plugin <= 3.4.6 - Insecure Direct Object References (IDOR) vulnerability | |
| Weaknesses | CWE-639 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: Patchstack
Published: 2026-06-26T14:52:21.124Z
Updated: 2026-06-29T17:38:21.245Z
Reserved: 2026-06-16T09:21:51.802Z
Link: CVE-2026-54826
Updated: 2026-06-29T17:38:02.273Z
No data.
No data.