Lucene search
K

12 matches found

CVE
CVE
added 2025/04/01 5:31 a.m.69 views

CVE-2025-30886

CVE-2025-30886 is an unauthenticated SQL Injection affecting the WordPress plugin JS Help Desk (versions up to 2.9.2). The root cause is improper neutralization of input in an SQL command, leading to potential data disclosure/alteration. The issue is rated high/severe in public disclosures, and a...

10CVSS7.3AI score0.005EPSS
CVE
CVE
added 2025/04/01 5:31 a.m.68 views

CVE-2025-30880

CVE-2025-30880 : In the WordPress plugin "JS Help Desk – The Ultimate Help Desk & Support Plugin", a missing/incorrectly configured authorization issue is cited as a vulnerability. The CVSS 3.1 vector indicates an unauthenticated network attack with high impact on availability (base score 7.5, HI...

7.5CVSS7.2AI score0.00468EPSS
CVE
CVE
added 2025/04/01 5:31 a.m.62 views

CVE-2025-30882

The CVE-2025-30882 entry concerns JS Help Desk for WordPress with an Unauthenticated Path Traversal that allows Arbitrary File Download in versions up to 2.9.1. The vulnerability has a high potential impact (CVSS v3.1: 7.5, Attack Vector Network, Privileges None, User Interaction None) with Confi...

7.5CVSS7.2AI score0.00565EPSS
CVE
CVE
added 2025/04/01 5:31 a.m.59 views

CVE-2025-30901

CVE-2025-30901 affects WordPress JS Help Desk (JS Help Desk plugin) and is an unauthenticated Local File Inclusion via improper filename handling in PHP includes. The vulnerability affects JS Help Desk

8.1CVSS7.2AI score0.00817EPSS
CVE
CVE
added 2024/11/09 1:6 p.m.58 views

CVE-2024-51670

CVE-2024-51670 – JS Help Desk WordPress Plugin : Affected plugin versions are

5.9CVSS5.9AI score0.00253EPSS
CVE
CVE
added 2024/05/17 6:35 a.m.57 views

CVE-2023-25444

CVE-2023-25444 affects the WordPress plugin JS Help Desk – Best Help Desk & Support Plugin (versions

9.1CVSS6.8AI score0.00668EPSS
CVE
CVE
added 2019/08/27 11:24 a.m.56 views

CVE-2018-21002

The CVE-2018-21002 entry affects the WordPress plugin js-support-ticket prior to version 2.0.6, which is vulnerable to Cross-Site Request Forgery (CSRF). The issue is caused by CSRF in the plugin’s handling of requests, enabling unintended state-changing actions on affected sites. NVD lists CVSS ...

8.8CVSS8.7AI score0.00681EPSS
CVE
CVE
added 2025/04/01 5:31 a.m.56 views

CVE-2025-30878

CVE-2025-30878 affects the WordPress plugin JS Help Desk (

9.1CVSS7.2AI score0.00595EPSS
CVE
CVE
added 2024/04/17 10:17 a.m.54 views

CVE-2022-47151

CVE-2022-47151 affects WordPress JS Help Desk – Best Help Desk & Support Plugin up to version 2.7.1. The vulnerability is an unauthenticated SQL Injection due to improper neutralization of SQL elements in the plugin, enabling potentially dangerous SQL execution without authentication. Impact is h...

8.6CVSS5.6AI score0.00443EPSS
CVE
CVE
added 2024/12/13 2:22 p.m.43 views

CVE-2022-46838

CVE-2022-46838 affects the WordPress plugin JS Help Desk – Best Help Desk & Support Plugin, versions prior to 2.7.1. The issue is a Missing Authorization vulnerability due to an incorrectly configured access control security level, enabling unauthenticated users to perform settings changes. Impac...

9.1CVSS5.2AI score0.00703EPSS
CVE
CVE
added 2024/11/01 2:17 p.m.41 views

CVE-2024-43274

The CVE-2024-43274 entry affects the WordPress plugin “JS Help Desk – Best Help Desk & Support Plugin” (versions up to 2.8.6). Root cause: missing authorization leads to Broken Access Control, allowing unauthenticated actors to access functionality not properly constrained by ACLs. Impact is desc...

9.8CVSS5.7AI score0.00436EPSS
CVE
CVE
added 2024/12/13 2:22 p.m.36 views

CVE-2022-46840

CVE-2022-46840 affects WordPress plugin JS Help Desk – Best Help Desk & Support Plugin up to version 2.7.1. The issue is a Missing Authorization vulnerability (broken access control) due to incorrectly configured access control security levels. Root cause per Patchstack entry is missing authoriza...

5.4CVSS5.2AI score0.00441EPSS