CVE-2025-13534HIGH 8.8EPSS p13.3%

CVE-2025-13534CVE-2025-13534

Description

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.3.2. This is due to missing authorization checks on the eh_crm_edit_agent AJAX action. This makes it possible for authenticated attackers, with Contributor-level access and above, to escalate their WSDesk privileges from limited "Reply Tickets" permissions to full helpdesk administrator capabilities, gaining unauthorized access to ticket management, settings configuration, agent administration, and sensitive customer data.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS0.23% probability of exploitation · percentile 13.3% · 2026-06-19T12:03:05Z
Published2025-12-02
Last modified2025-12-04

Underlying weaknesses· 1

CWE-269

References

  1. https://plugins.trac.wordpress.org/browser/elex-helpdesk-customer-support-ticket-system/tags/3.3.2/includes/class-crm-ajax-functions-two.php#L9
  2. https://plugins.trac.wordpress.org/browser/elex-helpdesk-customer-support-ticket-system/trunk/includes/class-crm-ajax-functions-two.php#L9
  3. https://plugins.trac.wordpress.org/browser/stm-gallery/trunk/stmgallery_v.0.9.php#L121
  4. https://www.wordfence.com/threat-intel/vulnerabilities/id/3541794b-7c8a-42f8-9688-7f3dbbb08e58?source=cve

1

TypeTargetConfidenceTier
WeaknessImproper Privilege Managementcwe-2690%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-11456
CVE
CVE-2025-47658
CVE
CVE-2025-4104
CVE
CVE-2025-4473
CVE
CVE-2025-13618
CVE
CVE-2025-13764
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.