Vulnerabilities and security researches forjs-support-ticket js-support-ticket

Direction: ascending

Jun 07, 2024

JS Help Desk – Best Help Desk & Support Plugin # CVE-2018-21002

CVE, Research URL: CVE-2018-21002
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: Aug 27, 2019
Research Description: The js-support-ticket plugin before 2.0.6 for WordPress has CSRF.
Affected versions: max 2.0.6.
Status: vulnerable

JS Help Desk – Best Help Desk & Support Plugin # CVE-2024-31273

CVE, Research URL: CVE-2024-31273
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: Jun 09, 2024
Research Description: Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.8.3.
Affected versions: max 2.8.4.
Status: vulnerable

JS Help Desk – Best Help Desk & Support Plugin # CVE-2022-46842

CVE, Research URL: CVE-2022-46842
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: Feb 03, 2023
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in JS Help Desk plugin <= 2.7.1 versions.
Affected versions: max 2.7.2.
Status: vulnerable

JS Help Desk – Best Help Desk & Support Plugin # CVE-2023-23679

CVE, Research URL: CVE-2023-23679
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: Jun 23, 2023
Research Description: Authorization Bypass Through User-Controlled Key vulnerability in JS Help Desk js-support-ticket allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JS Help Desk: from n/a through 2.7.7.
Affected versions: max 2.7.8.
Status: vulnerable

JS Help Desk – Best Help Desk & Support Plugin # CVE-2022-46839

CVE, Research URL: CVE-2022-46839
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: Jan 05, 2024
Research Description: Unrestricted Upload of File with Dangerous Type vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1.
Affected versions: max 2.7.2.
Status: vulnerable

JS Help Desk – Best Help Desk & Support Plugin # CVE-2023-25444

CVE, Research URL: CVE-2023-25444
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: May 17, 2024
Research Description: Unrestricted Upload of File with Dangerous Type vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Using Malicious Files.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.7.
Affected versions: max 2.7.8.
Status: vulnerable

JS Help Desk – Best Help Desk & Support Plugin # CVE-2023-50839

CVE, Research URL: CVE-2023-50839
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: Dec 29, 2023
Research Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.8.1.
Affected versions: max 2.8.2.
Status: vulnerable

JS Help Desk – Best Help Desk & Support Plugin # CVE-2022-47151

CVE, Research URL: CVE-2022-47151
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: Apr 17, 2024
Research Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1.
Affected versions: max 2.7.2.
Status: vulnerable

Jun 10, 2024

JS Help Desk – Best Help Desk & Support Plugin # CVE-2022-46840

CVE, Research URL: CVE-2022-46840
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: Dec 13, 2024
Research Description: Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1.
Affected versions: max 2.7.2.
Status: vulnerable

JS Help Desk – Best Help Desk & Support Plugin # CVE-2022-46838

CVE, Research URL: CVE-2022-46838
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: Dec 13, 2024
Research Description: Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1.
Affected versions: Min 2.7.1, max 2.7.2.
Status: vulnerable

Aug 14, 2024

JS Help Desk – Best Help Desk & Support Plugin # CVE-2024-7094

CVE, Research URL: CVE-2024-7094
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: Aug 13, 2024
Research Description: The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to PHP Code Injection leading to Remote Code Execution in all versions up to, and including, 2.8.6 via the 'storeTheme' function. This is due to a lack of sanitization on user-supplied values, which replace values in the style.php file, along with missing capability checks. This makes it possible for unauthenticated attackers to execute code on the server. This issue was partially patched in 2.8.6 when the code injection issue was resolved, and fully patched in 2.8.7 when the missing authorization and cross-site request forgery protection was added.
Affected versions: max 2.8.7.
Status: vulnerable

Aug 16, 2024

JS Help Desk – Best Help Desk & Support Plugin # CVE-2024-43274

CVE, Research URL: CVE-2024-43274
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: Nov 01, 2024
Research Description: Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.8.6.
Affected versions: max 2.8.7.
Status: vulnerable

Nov 05, 2024

JS Help Desk – Best Help Desk & Support Plugin # CVE-2024-51670

CVE, Research URL: CVE-2024-51670
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: Nov 09, 2024
Research Description: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Stored XSS.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.8.7.
Affected versions: max 2.8.8.
Status: vulnerable

Feb 05, 2025

JS Help Desk – Best Help Desk & Support Plugin # CVE-2024-13607

CVE, Research URL: CVE-2024-13607
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: Feb 04, 2025
Research Description: The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.8.8 via the 'exportusereraserequest' due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level permissions and above, to export ticket data for any user.
Affected versions: max 2.8.9.
Status: vulnerable

Feb 16, 2025

JS Help Desk – Best Help Desk & Support Plugin # CVE-2024-13606

CVE, Research URL: CVE-2024-13606
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: Feb 13, 2025
Research Description: The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.8.8 via the 'jssupportticketdata' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads/jssupportticketdata directory which can contain file attachments included in support tickets.
Affected versions: max 2.8.9.
Status: vulnerable

Apr 03, 2025

JS Help Desk – Best Help Desk & Support Plugin # CVE-2025-30880

CVE, Research URL: CVE-2025-30880
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: Apr 01, 2025
Research Description: Missing Authorization vulnerability in JoomSky JS Help Desk allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JS Help Desk: from n/a through 2.9.2.
Affected versions: max 2.9.3.
Status: vulnerable

JS Help Desk – Best Help Desk & Support Plugin # CVE-2025-30882

CVE, Research URL: CVE-2025-30882
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: Apr 01, 2025
Research Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk allows Path Traversal. This issue affects JS Help Desk: from n/a through 2.9.1.
Affected versions: max 2.9.2.
Status: vulnerable

JS Help Desk – Best Help Desk & Support Plugin # CVE-2025-30886

CVE, Research URL: CVE-2025-30886
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: Apr 01, 2025
Research Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Help Desk allows SQL Injection. This issue affects JS Help Desk: from n/a through 2.9.2.
Affected versions: max 2.9.3.
Status: vulnerable

JS Help Desk – Best Help Desk & Support Plugin # CVE-2025-30901

CVE, Research URL: CVE-2025-30901
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: Apr 01, 2025
Research Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Help Desk allows PHP Local File Inclusion. This issue affects JS Help Desk: from n/a through 2.9.2.
Affected versions: max 2.9.3.
Status: vulnerable

JS Help Desk – Best Help Desk & Support Plugin # CVE-2025-30878

CVE, Research URL: CVE-2025-30878
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: Apr 01, 2025
Research Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk allows Path Traversal. This issue affects JS Help Desk: from n/a through 2.9.2.
Affected versions: max 2.9.3.
Status: vulnerable

Feb 27, 2026

JS Help Desk – Best Help Desk & Support Plugin # CVE-2026-24959

CVE, Research URL: CVE-2026-24959
Home page URL: Security reports for JS Help Desk – Best Help Desk & Support Plugin
Application: JS Help Desk – Best Help Desk & Support Plugin
Date: Feb 20, 2026
Research Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Help Desk js-support-ticket allows Blind SQL Injection.This issue affects JS Help Desk: from n/a through <= 3.0.1.
Affected versions: max 3.0.1.
Status: vulnerable

Vulnerabilities and security researches forjs-support-ticket js-support-ticket

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2018-21002

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2024-31273

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2022-46842

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2023-23679

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2022-46839

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2023-25444

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2023-50839

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2022-47151

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2022-46840

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2022-46838

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2024-7094

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2024-43274

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2024-51670

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2024-13607

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2024-13606

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2025-30880

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2025-30882

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2025-30886

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2025-30901

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2025-30878

JS Help Desk &#8211; Best Help Desk &amp; Support Plugin # CVE-2026-24959

JS Help Desk – Best Help Desk & Support Plugin # CVE-2018-21002

JS Help Desk – Best Help Desk & Support Plugin # CVE-2024-31273

JS Help Desk – Best Help Desk & Support Plugin # CVE-2022-46842

JS Help Desk – Best Help Desk & Support Plugin # CVE-2023-23679

JS Help Desk – Best Help Desk & Support Plugin # CVE-2022-46839

JS Help Desk – Best Help Desk & Support Plugin # CVE-2023-25444

JS Help Desk – Best Help Desk & Support Plugin # CVE-2023-50839

JS Help Desk – Best Help Desk & Support Plugin # CVE-2022-47151

JS Help Desk – Best Help Desk & Support Plugin # CVE-2022-46840

JS Help Desk – Best Help Desk & Support Plugin # CVE-2022-46838

JS Help Desk – Best Help Desk & Support Plugin # CVE-2024-7094

JS Help Desk – Best Help Desk & Support Plugin # CVE-2024-43274

JS Help Desk – Best Help Desk & Support Plugin # CVE-2024-51670

JS Help Desk – Best Help Desk & Support Plugin # CVE-2024-13607

JS Help Desk – Best Help Desk & Support Plugin # CVE-2024-13606

JS Help Desk – Best Help Desk & Support Plugin # CVE-2025-30880

JS Help Desk – Best Help Desk & Support Plugin # CVE-2025-30882

JS Help Desk – Best Help Desk & Support Plugin # CVE-2025-30886

JS Help Desk – Best Help Desk & Support Plugin # CVE-2025-30901

JS Help Desk – Best Help Desk & Support Plugin # CVE-2025-30878

JS Help Desk – Best Help Desk & Support Plugin # CVE-2026-24959