Search criteria
ⓘ
Use full-text search for keyword queries.
Combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by dates instead of relevance.
4 vulnerabilities by rabilal
CVE-2023-7337 (GCVE-0-2023-7337)
Vulnerability from cvelistv5 – Published: 2026-03-04 09:24 – Updated: 2026-03-04 15:02
VLAI?
Title
JS Help Desk – AI-Powered Support & Ticketing System 2.8.2 - Unauthenticated SQL Injection via 'js-support-ticket-token-tkstatus' Cookie
Summary
The JS Help Desk – AI-Powered Support & Ticketing System plugin for WordPress is vulnerable to SQL Injection via the 'js-support-ticket-token-tkstatus' cookie in version 2.8.2 due to an incomplete fix for CVE-2023-50839 where a second sink was left with insufficient escaping on the user supplied values and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity ?
7.5 (High)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| rabilal | JS Help Desk – AI-Powered Support & Ticketing System |
Affected:
* , ≤ 2.8.2
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-7337",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-04T15:01:56.197397Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T15:02:06.114Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "JS Help Desk \u2013 AI-Powered Support \u0026 Ticketing System",
"vendor": "rabilal",
"versions": [
{
"lessThanOrEqual": "2.8.2",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The JS Help Desk \u2013 AI-Powered Support \u0026 Ticketing System plugin for WordPress is vulnerable to SQL Injection via the \u0027js-support-ticket-token-tkstatus\u0027 cookie in version 2.8.2 due to an incomplete fix for CVE-2023-50839 where a second sink was left with insufficient escaping on the user supplied values and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T09:24:29.837Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b841531b-8728-4933-b3c4-d4e10cbdca79?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/js-support-ticket/tags/2.8.2\u0026new_path=/js-support-ticket/tags/2.8.3"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-03T17:02:59.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-03-03T20:36:25.000Z",
"value": "Disclosed"
}
],
"title": "JS Help Desk \u2013 AI-Powered Support \u0026 Ticketing System 2.8.2 - Unauthenticated SQL Injection via \u0027js-support-ticket-token-tkstatus\u0027 Cookie"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2023-7337",
"datePublished": "2026-03-04T09:24:29.837Z",
"dateReserved": "2026-03-03T13:45:31.115Z",
"dateUpdated": "2026-03-04T15:02:06.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-13606 (GCVE-0-2024-13606)
Vulnerability from cvelistv5 – Published: 2025-02-13 09:21 – Updated: 2025-02-13 14:28
VLAI?
Title
JS Help Desk – The Ultimate Help Desk & Support Plugin <= 2.8.8 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory
Summary
The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.8.8 via the 'jssupportticketdata' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads/jssupportticketdata directory which can contain file attachments included in support tickets.
Severity ?
7.5 (High)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| rabilal | JS Help Desk – The Ultimate Help Desk & Support Plugin |
Affected:
* , ≤ 2.8.8
(semver)
|
Credits
Tim Coen
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13606",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-13T14:27:54.283308Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-13T14:28:06.922Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "JS Help Desk \u2013 The Ultimate Help Desk \u0026 Support Plugin",
"vendor": "rabilal",
"versions": [
{
"lessThanOrEqual": "2.8.8",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tim Coen"
}
],
"descriptions": [
{
"lang": "en",
"value": "The JS Help Desk \u2013 The Ultimate Help Desk \u0026 Support Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.8.8 via the \u0027jssupportticketdata\u0027 directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads/jssupportticketdata directory which can contain file attachments included in support tickets."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-13T09:21:47.088Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e8ed5d5d-86b0-40ac-a093-31392dea13a2?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/js-support-ticket/tags/2.8.8/includes/classes/uploads.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-12T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "JS Help Desk \u2013 The Ultimate Help Desk \u0026 Support Plugin \u003c= 2.8.8 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-13606",
"datePublished": "2025-02-13T09:21:47.088Z",
"dateReserved": "2025-01-21T20:01:20.391Z",
"dateUpdated": "2025-02-13T14:28:06.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13607 (GCVE-0-2024-13607)
Vulnerability from cvelistv5 – Published: 2025-02-04 06:41 – Updated: 2025-02-04 15:43
VLAI?
Title
JS Help Desk – The Ultimate Help Desk & Support Plugin <= 2.8.8 - Authenticated (Subscriber+) Insecure Direct Object Reference
Summary
The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.8.8 via the 'exportusereraserequest' due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level permissions and above, to export ticket data for any user.
Severity ?
4.3 (Medium)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| rabilal | JS Help Desk – The Ultimate Help Desk & Support Plugin |
Affected:
* , ≤ 2.8.8
(semver)
|
Credits
Tim Coen
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13607",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T15:43:04.647636Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T15:43:09.510Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "JS Help Desk \u2013 The Ultimate Help Desk \u0026 Support Plugin",
"vendor": "rabilal",
"versions": [
{
"lessThanOrEqual": "2.8.8",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tim Coen"
}
],
"descriptions": [
{
"lang": "en",
"value": "The JS Help Desk \u2013 The Ultimate Help Desk \u0026 Support Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.8.8 via the \u0027exportusereraserequest\u0027 due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level permissions and above, to export ticket data for any user."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T06:41:53.947Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3f57fbbc-ed5a-4452-bd8a-6fc0a4536d76?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/js-support-ticket/tags/2.8.8/modules/gdpr/controller.php#L110"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3230977/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-03T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "JS Help Desk \u2013 The Ultimate Help Desk \u0026 Support Plugin \u003c= 2.8.8 - Authenticated (Subscriber+) Insecure Direct Object Reference"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-13607",
"datePublished": "2025-02-04T06:41:53.947Z",
"dateReserved": "2025-01-21T20:09:50.331Z",
"dateUpdated": "2025-02-04T15:43:09.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7094 (GCVE-0-2024-7094)
Vulnerability from cvelistv5 – Published: 2024-08-13 02:31 – Updated: 2024-08-13 14:51
VLAI?
Title
JS Help Desk – The Ultimate Help Desk & Support Plugin <= 2.8.6 - Unauthenticated PHP Code Injection to Remote Code Execution
Summary
The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to PHP Code Injection leading to Remote Code Execution in all versions up to, and including, 2.8.6 via the 'storeTheme' function. This is due to a lack of sanitization on user-supplied values, which replace values in the style.php file, along with missing capability checks. This makes it possible for unauthenticated attackers to execute code on the server. This issue was partially patched in 2.8.6 when the code injection issue was resolved, and fully patched in 2.8.7 when the missing authorization and cross-site request forgery protection was added.
Severity ?
9.8 (Critical)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| rabilal | JS Help Desk – The Ultimate Help Desk & Support Plugin |
Affected:
* , ≤ 2.8.6
(semver)
|
Credits
Connor Billings
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wiselyhub:js_help_desk:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "js_help_desk",
"vendor": "wiselyhub",
"versions": [
{
"lessThanOrEqual": "2.8.6",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7094",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-13T14:49:06.948729Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T14:51:27.755Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "JS Help Desk \u2013 The Ultimate Help Desk \u0026 Support Plugin",
"vendor": "rabilal",
"versions": [
{
"lessThanOrEqual": "2.8.6",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Connor Billings"
}
],
"descriptions": [
{
"lang": "en",
"value": "The JS Help Desk \u2013 The Ultimate Help Desk \u0026 Support Plugin plugin for WordPress is vulnerable to PHP Code Injection leading to Remote Code Execution in all versions up to, and including, 2.8.6 via the \u0027storeTheme\u0027 function. This is due to a lack of sanitization on user-supplied values, which replace values in the style.php file, along with missing capability checks. This makes it possible for unauthenticated attackers to execute code on the server. This issue was partially patched in 2.8.6 when the code injection issue was resolved, and fully patched in 2.8.7 when the missing authorization and cross-site request forgery protection was added."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T02:31:39.099Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/31513f9e-6185-425b-9e7e-36f21f72d0a2?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/js-support-ticket/tags/2.8.5/includes/formhandler.php"
},
{
"url": "https://plugins.trac.wordpress.org/browser/js-support-ticket/tags/2.8.5/modules/themes/tpls/admin_themes.php"
},
{
"url": "https://plugins.trac.wordpress.org/browser/js-support-ticket/tags/2.8.5/modules/themes/controller.php"
},
{
"url": "https://plugins.trac.wordpress.org/browser/js-support-ticket/tags/2.8.5/modules/themes/model.php"
},
{
"url": "https://plugins.trac.wordpress.org/browser/js-support-ticket/tags/2.8.5/includes/css/style.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-08-12T14:17:56.000Z",
"value": "Disclosed"
}
],
"title": "JS Help Desk \u2013 The Ultimate Help Desk \u0026 Support Plugin \u003c= 2.8.6 - Unauthenticated PHP Code Injection to Remote Code Execution"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-7094",
"datePublished": "2024-08-13T02:31:39.099Z",
"dateReserved": "2024-07-24T21:58:26.836Z",
"dateUpdated": "2024-08-13T14:51:27.755Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}