CVE-2026-9848 | emarket-design Customer Support Ticket System & Helpdesk Plugin up to 6.0.4 on WordPress Query Parameter wp_ticket_com_posts_request sql injection (EUVD-2026-36636)
A vulnerability, which was classified as critical, has been found in emarket-design Customer Support Ticket System & Helpdesk Plugin up to 6.0.4 on WordPress. This affects the function wp_ticket_com_posts_request of the component Query Parameter Handler. This manipulation causes sql injection.
This vulnerability is registered as CVE-2026-9848. Remote exploitation of the attack is possible. No exploit is available.
It is advisable to upgrade the affected component.