Dismissed
Permalink
CVE-2025-49372
10.0 CRITICAL
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): CHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): HIGH
- Availability impact (A): HIGH
by @LeSuisse Activity log
- Created automatic suggestion
-
@LeSuisse
removed
18 packages
- happy
- triggerhappy
- haskellPackages.happy
- haskellPackages.happy-dot
- haskellPackages.happy-lib
- haskellPackages.happy-meta
- ocamlPackages.happy-eyeballs
- haskellPackages.happy-arbitrary
- ocamlPackages.happy-eyeballs-lwt
- gnomeExtensions.happy-appy-hotkey
- ocamlPackages.mimic-happy-eyeballs
- python312Packages.aiohappyeyeballs
- python313Packages.aiohappyeyeballs
- ocamlPackages.happy-eyeballs-mirage
- tests.testers.testBuildFailure.happy
- tests.testers.testBuildFailure'.happy
- tests.testers.testBuildFailure.happyStructuredAttrs
- tests.testers.testBuildFailure'.happyStructuredAttrs
- @LeSuisse dismissed
WordPress HAPPY plugin <= 1.0.7 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code ('Code Injection') vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Remote Code Inclusion.This issue affects HAPPY: from n/a through <= 1.0.7.
References
- https://vdp.patchstack.com/database/Wordpress/Plugin/happy-helpdesk-support-tic… vdb-entry
- https://vdp.patchstack.com/database/Wordpress/Plugin/happy-helpdesk-support-tic… vdb-entry
- https://vdp.patchstack.com/database/Wordpress/Plugin/happy-helpdesk-support-tic… vdb-entry
- https://patchstack.com/database/Wordpress/Plugin/happy-helpdesk-support-ticket-… vdb-entry
Affected products
happy-helpdesk-support-ticket-system
- =<<= 1.0.7