Awesome Support is one of the leading customer support plugin for WordPress. It has features that can match that of Zendesk or Helpscout.

Recently, there has been reports of Multiple Authenticated Reflective Cross-Site Script (XSS) vulnerability in Awesome Support 6.0.6.

Vulnerability
As reported by the security agency –
“The plugin does not sanitize and escape the id and assignee parameter before outputting them back in the page, leading to a Reflected Cross-Site Scripting issue.”

Solution
Update the WordPress plugin to the latest available version Awesome Support 6.0.7. The author has reported to have resolved the issues.

How to Update
If you manage your WordPress website on your own, you may update it using the techniques outlined below –
– Login to WordPress Admin
– On the left side menu click on the link Plugins. You will see all the installed plugins.
– Scroll to down to see Awesome Support 6.0.6. WordPress automatically keep check of all available update. The background color is Red and an update link underneath.
– Just click on the Update link, wait till the background color changes to Green. Once done you will see the latest version changed to 6.0.7

It also really important to maintain your WordPress website regularly. To read more visit Tips To Maintain Your WordPress Website.

I hope this post has helped you. If you find any problem then pl. write back to me at contact@growthtechnosoft.com. Will be happy to help you further.