CVE-2025-47658
WordPress ELEX HelpDesk & Customer Ticketing System plugin <= 3.2.9 - Arbitrary File Upload vulnerability
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Unrestricted Upload of File with Dangerous Type vulnerability in ELEXtensions ELEX WordPress HelpDesk & Customer Ticketing System elex-helpdesk-customer-support-ticket-system allows Upload a Web Shell to a Web Server.This issue affects ELEX WordPress HelpDesk & Customer Ticketing System: from n/a through <= 3.2.9.
| CWE | CWE-434 |
| Vendor | elextensions |
| Product | elex wordpress helpdesk & customer ticketing system |
| Published | May 23, 2025 |
| Last Updated | Apr 1, 2026 |
Stay Ahead of the Next One
Get instant alerts for elextensions elex wordpress helpdesk & customer ticketing system
Be the first to know when new unknown vulnerabilities affecting elextensions elex wordpress helpdesk & customer ticketing system are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
ELEXtensions / ELEX WordPress HelpDesk & Customer Ticketing System
0 โค 3.2.9
References
Credits
Phat RiO | Patchstack Bug Bounty Program