PatchSiren

thrivedesk CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM thrivedesk CVE published 2026-07-11

CVE-2026-1832

The ThriveDesk – Live Chat, AI Chatbot, Helpdesk & Knowledge Base plugin for WordPress has a vulnerability allowing unauthorized cache deletion due to a missing capability check on the 'thrivedesk_clear_cache' AJAX action in all versions up to, and including, 2.1.7. Authenticated attackers with Subscriber-level access and above can clear the plugin's cache. This issue has a CVSS score of 4.3 and is classi [truncated]