cleantalk
Vulnerabilities and Security Researches

JS Help Desk – Best Help Desk & Support Plugin, CVE-2025-30901

CVE, Research URL

CVE-2025-30901

Home page URL

Security reports for JS Help Desk – Best Help Desk & Support Plugin

Application

JS Help Desk – Best Help Desk & Support Plugin

Published on
Apr 01, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Help Desk allows PHP Local File Inclusion. This issue affects JS Help Desk: from n/a through 2.9.2.
Affected versions
max 2.9.3.
Status
vulnerable
Previous vulnerability researches
JS Help Desk – Best Help Desk & Support Plugin (CVE-2024-7094) , Aug 14, 2024
JS Help Desk – Best Help Desk & Support Plugin (CVE-2024-13607) , Feb 05, 2025
JS Help Desk – Best Help Desk & Support Plugin (CVE-2025-30880) , Apr 03, 2025
JS Help Desk – Best Help Desk & Support Plugin (CVE-2025-30882) , Apr 03, 2025
JS Help Desk – Best Help Desk & Support Plugin (CVE-2025-30886) , Apr 03, 2025
New vulnerability
ElementInvader Addons for Elementor (CVE-2026-25028) , Feb 27, 2026
SportsPress – Sports Club & League Manager (CVE-2025-15368) , Feb 27, 2026
Addonify – WooCommerce Wishlist (CVE-2025-68024) , Feb 27, 2026
Cool Tag Cloud (CVE-2025-69011) , Feb 27, 2026
WP Wizard Cloak (CVE-2025-53237) , Feb 27, 2026