From the screenshot, here are the key details about the vulnerability in Markdown format: --- CVE-2025-13534 CVE ID: CVE-2025-13534 CVSS Score: 6.3 (Medium) Published Date: December 1, 2025 Last Updated: December 2, 2025 Researcher: Athiwat Tiprasaharn (Jitlada) --- Affected and Patched Versions Affected Version: <= 3.3.2 Patched Version: 3.3.3 --- Vulnerability Description Users can escalate their privileges from limited "Reply Tickets" permissions to full helpdesk administrator capabilities, gaining unauthorized access to ticket management, settings configuration, agent administration, and sensitive customer data. --- References plugins.trac.wordpress.org plugins.trac.wordpress.org plugins.trac.wordpress.org --- Advice Update to version 3.3.3 or a newer patched version to mitigate this vulnerability.