CVE-2022-3511: CWE-639 Authorization Bypass Through User-Controlled Key in Unknown Awesome Support
The Awesome Support WordPress plugin before 6.1.2 does not ensure that the exported tickets archive to be downloaded belongs to the user making the request, allowing a low-privileged user, such as a subscriber, to download arbitrary exported tickets via an IDOR vector.
AI Analysis
Technical Summary
CVE-2022-3511 is a medium-severity vulnerability affecting versions of the Awesome Support WordPress plugin prior to 6.1.2. It is classified as CWE-639 (Authorization Bypass Through User-Controlled Key): the identifier of the exported-tickets archive carried in the download request is, in effect, treated as the authorization decision. The plugin requires an authenticated user but does not verify that the archive referenced by that identifier belongs to the requesting user, which makes the flaw an Insecure Direct Object Reference (IDOR). A low-privileged user, for example one holding the WordPress subscriber role, can request another user's archive identifier and download that user's exported tickets. The correct server-side check binds the requested object to the authenticated user, or to a capability that explicitly grants staff access to all archives; a nonce on the download link is a CSRF control and is not a substitute for that ownership check.

Exploitation is over the network (AV:N) with low attack complexity (AC:L), needs only low privileges (PR:L) and no user interaction beyond sending the crafted request (UI:N), and does not change scope (S:U). The impact is confidentiality only (C:H/I:N/A:N): unauthorized users can read ticket data but cannot modify it or disrupt service. This corresponds to the CVSS v3.1 vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N and a base score of 6.5 (Medium). The practical bar for PR:L is low on sites that allow self-registration, because WordPress assigns the subscriber role to newly registered accounts by default.

There are no known exploits in the wild, and the source data contains no patch link; the fix is the upgrade to version 6.1.2 or later. The vulnerability was published on November 28, 2022, assigned by WPScan and later enriched by CISA.
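The following is an added illustration of the CWE-639 pattern described above, not code from the Awesome Support plugin (the advisory does not show the plugin's internals). It shows a hypothetical WordPress download handler in its vulnerable form beside a hardened one. All wpas_demo_* names, the export_id parameter, the archive store and the manage_options capability are assumptions chosen for the example.

```php
<?php
/*
 * Added illustration of the CWE-639 pattern behind CVE-2022-3511.
 * This is NOT code from the Awesome Support plugin: every function,
 * action and parameter name prefixed wpas_demo_ (and "export_id") is a
 * hypothetical stand-in for whatever the real plugin uses.
 *
 * Scenario: the plugin keeps one record per exported-tickets archive
 * (who requested it, where the ZIP lives) and serves it on a request like
 *   /wp-admin/admin-ajax.php?action=wpas_demo_download&export_id=42
 */

// Stand-in for the plugin's archive store (normally a table or post meta).
function wpas_demo_get_export( int $export_id ): ?array {
	$exports = array(
		41 => array( 'owner' => 7,  'path' => WP_CONTENT_DIR . '/uploads/exports/41.zip' ),
		42 => array( 'owner' => 12, 'path' => WP_CONTENT_DIR . '/uploads/exports/42.zip' ),
	);
	return $exports[ $export_id ] ?? null;
}

function wpas_demo_send_file( string $path ): void {
	if ( ! is_readable( $path ) ) {
		wp_die( 'Not found', '', array( 'response' => 404 ) );
	}
	nocache_headers();
	header( 'Content-Type: application/zip' );
	header( 'Content-Disposition: attachment; filename="' . basename( $path ) . '"' );
	header( 'Content-Length: ' . filesize( $path ) );
	readfile( $path );
	exit;
}

/* Vulnerable pattern: the only gate is "is someone logged in?", so the
 * user-supplied export_id is trusted as the authorization decision. */
function wpas_demo_download_vulnerable(): void {
	if ( ! is_user_logged_in() ) {
		wp_die( 'Login required', '', array( 'response' => 403 ) );
	}
	$export = wpas_demo_get_export( absint( $_GET['export_id'] ?? 0 ) );
	if ( ! $export ) {
		wp_die( 'Not found', '', array( 'response' => 404 ) );
	}
	wpas_demo_send_file( $export['path'] ); // any subscriber can fetch 41, 42, ...
}

/* Hardened pattern: the key is bound to the authenticated requester. */
function wpas_demo_download_hardened(): void {
	if ( ! is_user_logged_in() ) {
		wp_die( 'Login required', '', array( 'response' => 403 ) );
	}
	// CSRF: the link must carry a nonce for this specific action.
	$nonce = isset( $_GET['_wpnonce'] ) ? sanitize_text_field( wp_unslash( $_GET['_wpnonce'] ) ) : '';
	if ( ! wp_verify_nonce( $nonce, 'wpas_demo_download' ) ) {
		wp_die( 'Invalid request', '', array( 'response' => 403 ) );
	}
	$export = wpas_demo_get_export( absint( $_GET['export_id'] ?? 0 ) );
	// Ownership check: the record's owner must be the caller, unless the caller
	// holds a staff capability ('manage_options' is a stand-in for the real cap).
	// A foreign ID gets the same 404 as a missing one, so IDs cannot be enumerated
	// by distinguishing "exists but not yours" from "does not exist".
	if ( ! $export || ( (int) $export['owner'] !== get_current_user_id() && ! current_user_can( 'manage_options' ) ) ) {
		wp_die( 'Not found', '', array( 'response' => 404 ) );
	}
	wpas_demo_send_file( $export['path'] );
}

// How the plugin would build the link it shows the user (nonce included).
function wpas_demo_download_url( int $export_id ): string {
	return add_query_arg(
		array(
			'action'    => 'wpas_demo_download',
			'export_id' => $export_id,
			'_wpnonce'  => wp_create_nonce( 'wpas_demo_download' ),
		),
		admin_url( 'admin-ajax.php' )
	);
}

// Only the hardened handler is registered; the vulnerable one is kept for contrast.
add_action( 'wp_ajax_wpas_demo_download', 'wpas_demo_download_hardened' );
```

The single line that closes the hole is the ownership comparison against get_current_user_id(); everything else (nonce, absint, uniform 404) is defense in depth. Replacing sequential identifiers with long random tokens makes enumeration harder but is not a fix on its own, since a leaked or shared link would still be served to anyone logged in.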
Potential Impact
For European organizations using the Awesome Support plugin on their WordPress sites, this vulnerability threatens the confidentiality of customer support tickets and any personal or business data they contain. Exported ticket archives can hold personal information, internal communications and business-sensitive data, so unauthorized access may constitute a personal-data breach under GDPR, with the associated notification duties, in addition to reputational damage and loss of customer trust. Since the vulnerability allows low-privileged users to access data of other users, insider threats or compromised subscriber accounts could be leveraged to exfiltrate data; on sites that allow self-registration, an attacker needs no pre-existing account at all. The impact is more pronounced for organizations that handle sensitive or regulated information through their support systems, such as financial institutions, healthcare providers or public bodies in Europe. The vulnerability does not affect system integrity or availability, so operational disruption is unlikely. No exploitation in the wild has been reported, but an IDOR of this kind needs no exploit development beyond changing an identifier in a request, so that absence is weak reassurance.
Mitigation Recommendations
European organizations should verify the version of the Awesome Support plugin deployed on each WordPress site (from the Plugins screen or a WP-CLI plugin listing) and upgrade to version 6.1.2 or later, where this vulnerability is fixed. Because the flaw is a missing server-side ownership check, the upgrade is the only real fix; the measures below reduce exposure until it is applied.

If upgrading is not immediately possible, shrink the pool of accounts that satisfy the low-privilege precondition: disable open self-registration ("Anyone can register" under Settings > General) where it is not needed, and audit user roles and permissions so that subscriber and other low-privileged accounts exist only where required. Monitor for unusual download activity around ticket exports: a legitimate user downloads one or a few archives, whereas an attacker iterates identifiers, so one session or source address requesting many different export identifiers in a short period is the signal to alert on. Be aware of the limit of WAF rules here: a request for another user's archive is syntactically identical to a legitimate one, so a WAF cannot tell them apart by the identifier alone; it can, however, rate-limit the export download endpoint and flag identifier enumeration. Enable logging of export archive downloads, including the WordPress user ID where possible, since web-server logs alone show only the source address.

Finally, review what exported ticket data contains so that no sensitive information is included unnecessarily, and keep exported archives only as long as needed (delete them after download or on a short schedule). Encrypting the stored archives at rest does not help against this flaw, because the plugin serves the file to whoever passes its check; shortening the archives' lifetime does.
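The detection described above (many different export identifiers from one source in a short window), as an added example that is not part of the original advisory or the plugin. The log lines are constructed, and the endpoint shape (admin-ajax.php with a hypothetical action=wpas_demo_download and an export_id parameter) is an assumption; take the real action and parameter names from your own plugin traffic before using this against production logs.

```php
<?php
/*
 * Added detection example, not part of the original advisory or the plugin.
 * It reads access-log lines and flags a client that requests many DIFFERENT
 * export archive IDs within a short window, which is what enumeration of an
 * IDOR like CVE-2022-3511 looks like from the web server's side.
 *
 * Hypothetical assumptions: the download endpoint is admin-ajax.php with
 * action=wpas_demo_download and an export_id query parameter.
 */

// Constructed sample lines in Apache/Nginx "combined" format. 198.51.100.9
// walks IDs 18..22 within seconds; 203.0.113.5 re-downloads its own archive.
$sample_log = <<<'LOG'
203.0.113.5 - - [28/Nov/2022:10:01:02 +0000] "GET /wp-admin/admin-ajax.php?action=wpas_demo_download&export_id=17 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.9 - - [28/Nov/2022:10:01:10 +0000] "GET /wp-admin/admin-ajax.php?action=wpas_demo_download&export_id=18 HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
198.51.100.9 - - [28/Nov/2022:10:01:11 +0000] "GET /wp-admin/admin-ajax.php?action=wpas_demo_download&export_id=19 HTTP/1.1" 200 4210 "-" "Mozilla/5.0"
198.51.100.9 - - [28/Nov/2022:10:01:12 +0000] "GET /wp-admin/admin-ajax.php?action=wpas_demo_download&export_id=20 HTTP/1.1" 404 0 "-" "Mozilla/5.0"
198.51.100.9 - - [28/Nov/2022:10:01:13 +0000] "GET /wp-admin/admin-ajax.php?action=wpas_demo_download&export_id=21 HTTP/1.1" 200 3900 "-" "Mozilla/5.0"
198.51.100.9 - - [28/Nov/2022:10:01:14 +0000] "GET /wp-admin/admin-ajax.php?action=wpas_demo_download&export_id=22 HTTP/1.1" 200 5001 "-" "Mozilla/5.0"
203.0.113.5 - - [28/Nov/2022:10:05:00 +0000] "GET /wp-admin/admin-ajax.php?action=wpas_demo_download&export_id=17 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
LOG;

/**
 * Returns one alert per client IP that requested at least $threshold distinct
 * export IDs inside any $window_seconds span. Non-2xx hits are counted too:
 * a burst of 404s on neighbouring IDs is probing even when nothing was served.
 */
function wpas_demo_find_enumeration( array $lines, int $window_seconds = 60, int $threshold = 4 ): array {
	$re     = '/^(?<ip>\S+) \S+ \S+ \[(?<ts>[^\]]+)\] "[A-Z]+ (?<target>\S+) [^"]*" (?<status>\d{3}) /';
	$events = array();
	foreach ( $lines as $line ) {
		if ( ! preg_match( $re, $line, $m ) ) {
			continue;
		}
		$query = parse_url( $m['target'], PHP_URL_QUERY );
		if ( ! is_string( $query ) ) {
			continue;
		}
		parse_str( $query, $q );
		if ( ( $q['action'] ?? '' ) !== 'wpas_demo_download' || ! isset( $q['export_id'] ) ) {
			continue;
		}
		$t = DateTime::createFromFormat( 'd/M/Y:H:i:s O', $m['ts'] );
		if ( ! $t ) {
			continue;
		}
		$events[ $m['ip'] ][] = array(
			'ts'     => $t->getTimestamp(),
			'id'     => (int) $q['export_id'],
			'served' => $m['status'][0] === '2',
		);
	}

	$alerts = array();
	foreach ( $events as $ip => $evs ) {
		usort( $evs, fn( $a, $b ) => $a['ts'] <=> $b['ts'] );
		$n = count( $evs );
		for ( $i = 0; $i < $n; $i++ ) {
			$ids    = array();
			$served = array();
			// Collect distinct IDs requested within the window starting at event $i.
			for ( $j = $i; $j < $n && $evs[ $j ]['ts'] - $evs[ $i ]['ts'] <= $window_seconds; $j++ ) {
				$ids[ $evs[ $j ]['id'] ] = true;
				if ( $evs[ $j ]['served'] ) {
					$served[ $evs[ $j ]['id'] ] = true;
				}
			}
			if ( count( $ids ) >= $threshold ) {
				$alerts[ $ip ] = array(
					'distinct_ids' => count( $ids ),
					'served_ids'   => array_keys( $served ),
					'window_start' => gmdate( 'c', $evs[ $i ]['ts'] ),
				);
				break; // one alert per IP is enough
			}
		}
	}
	return $alerts;
}

$lines = preg_split( '/\R/', trim( $sample_log ) );
foreach ( wpas_demo_find_enumeration( $lines ) as $ip => $a ) {
	printf(
		"ALERT %s: %d distinct export IDs from %s, %d actually served (%s)\n",
		$ip,
		$a['distinct_ids'],
		$a['window_start'],
		count( $a['served_ids'] ),
		implode( ',', $a['served_ids'] )
	);
}
```

In the constructed sample the 404 on ID 20 still counts toward the distinct-ID total but not toward the served list, which is the difference between "probing" and "data actually disclosed" that an incident responder needs. Keying on source IP is coarse (NAT, shared egress), so where the plugin or a mu-plugin can log the WordPress user ID on each export download, group on that instead.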
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: WPScan
- Date Reserved: 2022-10-14T13:54:34.493Z
- CISA Enriched: true
Threat ID: 682d983ec4522896dcbefd70
Added to database: 5/21/2025, 9:09:18 AM
Last enriched: 6/24/2025, 4:06:14 PM
Last updated: 8/11/2025, 2:48:50 PM