The Awesome Support plugin for WordPress is vulnerable to a type of attack called Cross-Site Request Forgery. This type of attack can allow an unauthenticated attacker to edit replies if the attacker can trick a site administrator, such as by having them click a malicious link. Versions up to and including 6.1.4 are affected by this vulnerability due to missing or incorrect nonce validation on the wpas_edit_reply_ajax() function.