Schiocco Support Board
7 CVEs affecting Schiocco Support Board. Latest disclosed: 2026-03-25. Critical: 2, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-4855 | Critical | 9.8 | 2025-07-08 | The Support Board plugin for WordPress is vulnerable to unauthorized access/modification/deletion of data due to use of hardcoded default secrets in the sb_enc… |
CVE-2025-4828 | Critical | 9.8 | 2025-07-08 | The Support Board plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the sb_file_delete function in all… |
CVE-2025-54031 | High | 8.1 | 2025-08-20 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Schiocco Support Board supportboard al… |
CVE-2025-60182 | High | 7.1 | 2025-12-18 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Schiocco Support Board supportboard allows Reflected XSS… |
CVE-2025-54027 | High | 7.1 | 2025-08-20 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Schiocco Support Board supportboard allows Reflected XSS… |
CVE-2026-4815 | | 2026-03-25 | A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via… | |
CVE-2026-4816 | | 2026-03-25 | A Reflected Cross Site Scripting (XSS) vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to execute JavaScript code i… |