zendesk_convert_to_ticket_post
AJAX action, which makes it possible for attackers to create a Zendesk ticket from an arbitrary comment via a forged request if they can trick an administrator into performing an action such as clicking on a link. Zendesk Support for WordPress by Zendesk <= 1.8.4 - Cross-Site Request Forgery (CSRF) to Convert Comment to Ticket
REPORT ID: c9669288-4365-413c-be0d-b403ffcf16be
The plugin contains a Cross-Site Request Forgery (CSRF) vulnerability due to a missing nonce check in the
You need to log in to view the vulnerability details.