6 matches found
JS Help Desk <= 2.8.1 - SQL Injection
The JS Help Desk – Best Help Desk & Support Plugin plugin for WordPress is vulnerable to SQL Injection via the ‘email' and 'trackingid' parameters in all versions up to 2.8.2 exclusive due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing S...
EUVD-2023-60537
The JS Help Desk – AI-Powered Support & Ticketing System plugin for WordPress is vulnerable to SQL Injection via the 'js-support-ticket-token-tkstatus' cookie in version 2.8.2 due to an incomplete fix for CVE-2023-50839 where a second sink was left with insufficient escaping on the user supplied...
CVE-2023-50839
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.8.1...
CVE-2023-50839
CVE-2023-50839 affects the JS Help Desk – Best Help Desk & Support Plugin for WordPress. The vulnerability is an unauthenticated SQL Injection via email and trackingid in JS Help Desk, impacting versions up to 2.8.1 (as noted in the CVE entry). The vulnerability is labeled as CRITICAL (CVSS v3.1:...
CVE-2023-50839 WordPress JS Help Desk – Best Help Desk & Support Plugin <= 2.8.1 is vulnerable to SQL Injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.8.1...
WordPress JS Help Desk – Best Help Desk & Support Plugin Plugin <= 2.8.1 is vulnerable to SQL Injection
Software JS Help Desk – Best Help Desk & Support Plugin Type Plugin Vulnerable versions = 2.8.1 Fixed in 2.8.2 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-50839 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID e03053a216be Credits Fariq Fadillah...