VYPR

Js Support Ticket

by WordPress

Source repositories

CVEs (3)

  • CVE-2024-7094CriAug 13, 2024
    risk 0.69cvss 9.8epss 0.38

    The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to PHP Code Injection leading to Remote Code Execution in all versions up to, and including, 2.8.6 via the 'storeTheme' function. This is due to a lack of sanitization on…

  • CVE-2024-13607MedFeb 4, 2025
    risk 0.21cvss 4.3epss 0.00

    The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.8.8 via the 'exportusereraserequest' due to missing validation on a user controlled key. This makes it…

  • CVE-2018-21002Aug 27, 2019
    risk 0.00cvss epss 0.01

    The js-support-ticket plugin before 2.0.6 for WordPress has CSRF.