Latest

Configuring Really Simple Security with WP-CLI

Input validation vulnerability in JS Help Desk – The Ultimate Help Desk & Support Plugin 2.9.2

CVE-2025-30886

Severity: high-risk
Status: Fixed
Publication: March 27, 2025

The JS Help Desk plugin used in WordPress is at risk of being attacked by hackers through SQL Injection. This is because the plugin does not properly protect the data entered by users and the existing SQL query is not properly prepared. As a result, attackers can add their own SQL queries to extract private information from the database.

Detected in:

JS Help Desk – AI-Powered Help Desk & Support Plugin fixed vulnerable versions:

JS Help Desk – AI-Powered Support & Ticketing System fixed vulnerable versions:

JS Help Desk – The Ultimate Help Desk & Support Plugin fixed vulnerable versions:

Open source

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

Incorrect?

Is this information incorrect? Please leave us a message.

Latest

Configuring Really Simple Security with WP-CLI

Input validation vulnerability in JS Help Desk – The Ultimate Help Desk & Support Plugin 2.9.2

Detected in:

Join our mailing list - 6 Tips & Tricks in your inbox over the next days!

Plugins

Get Started

About

Popular articles

Latest

Passkeys: no need for Limit Login Attempts?

Configuring Really Simple Security with WP-CLI

Input validation vulnerability in JS Help Desk – The Ultimate Help Desk & Support Plugin 2.9.2

Detected in: