Exploitation Summary
EIP tracks 1 public exploit for CVE-2014-9179. PoCs published by Halil Dalabasmaz.
AI-analyzed exploit summary This is a writeup describing a stored XSS vulnerability in the SupportEzzy Ticket System WordPress plugin. It provides a sample payload but does not include functional exploit code.
Description
Cross-site scripting (XSS) vulnerability in the SupportEzzy Ticket System plugin 1.2.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the "URL (optional)" field in a new ticket.
Exploits (1)
exploitdb
WRITEUP
by Halil Dalabasmaz · textwebappsphp
https://www.exploit-db.com/exploits/35218
This is a writeup describing a stored XSS vulnerability in the SupportEzzy Ticket System WordPress plugin. It provides a sample payload but does not include functional exploit code.
Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
SupportEzzy Ticket System WordPress Plugin v1.2.5
Auth required
Prerequisites:
User registration and login · Access to ticket submission form
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (1)
Core 1
Core References
Scores
EPSS
0.0370
EPSS Percentile
88.3%
Details
CWE
CWE-79
Status
published
Products (1)
supportezzy_ticket_system_project/supportezzy_ticket_system
1.2.5
Published
Dec 02, 2014
Tracked Since
Feb 18, 2026