CVE-2023-5355

The Awesome Support WordPress plugin before 6.1.5 does not sanitize file paths when deleting temporary attachment files, allowing a ticket submitter to delete arbitrary files on the server. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt