Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in JS Help Desk – Best Help Desk & Support Plugin 2.7.1

  • Severity: high-risk
  • Status: Open
  • Publication: January 27, 2023

The JS Help Desk plugin for WordPress is not secure in versions up to 2.7.1. Attackers who are not logged in can use it to get sensitive information from the database. This is possible because the plugin does not properly protect user-supplied information and does not prepare existing SQL queries enough.

Detected in:

JS Help Desk – AI-Powered Help Desk & Support Plugin fixed vulnerable versions:
JS Help Desk – AI-Powered Support & Ticketing System fixed vulnerable versions:
JS Help Desk – The Ultimate Help Desk & Support Plugin fixed vulnerable versions:
JS Help Desk – Best Help Desk & Support Plugin open vulnerable versions: >= * <= 2.7.1

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.