ELEX WordPress HelpDesk & Customer Ticketing System

ELEXtensions

Developer

3.3.5

Latest version

300

Installations

No date

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Security Contributors

Vulnerability history

0 present

7 fixed

4 Mitigation rules

Authenticated (Contributor+) Privilege Escalation via eh_crm_edit_agent AJAX Action vulnerability
<= 3.3.2
Dec 2, 2025
Unauthenticated Arbitrary File Upload vulnerability
<= 3.3.1
Nov 24, 2025
Missing Authorization to Authenticated (Subscriber+) Role Removal vulnerability
<= 3.3.1
Nov 21, 2025
Authenticated (Subscriber+) Insecure Direct Object Reference via 'eh_crm_ticket_single_view_client' vulnerability
<= 3.2.9
Nov 21, 2025
Missing Authorization to Authenitcated (Subscriber+) to Scheduled Trigger Deletion vulnerability
<= 3.3.0
Nov 20, 2025
Arbitrary File Upload vulnerability
<= 3.2.9
May 8, 2025
Missing Authorization to Authenticated (Subscriber+) Privilege Escalation vulnerability
<= 3.2.6
Jan 31, 2025