Js Support Ticket
by WordPress
Source repositories
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-7094 | Cri | 0.69 | 9.8 | 0.38 | Aug 13, 2024 | The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to PHP Code Injection leading to Remote Code Execution in all versions up to, and including, 2.8.6 via the 'storeTheme' function. This is due to a lack of sanitization on… | ||
| CVE-2024-13607 | Med | 0.21 | 4.3 | 0.00 | Feb 4, 2025 | The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.8.8 via the 'exportusereraserequest' due to missing validation on a user controlled key. This makes it… | ||
| CVE-2018-21002 | 0.00 | — | 0.01 | Aug 27, 2019 | The js-support-ticket plugin before 2.0.6 for WordPress has CSRF. |
- risk 0.69cvss 9.8epss 0.38
The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to PHP Code Injection leading to Remote Code Execution in all versions up to, and including, 2.8.6 via the 'storeTheme' function. This is due to a lack of sanitization on…
- risk 0.21cvss 4.3epss 0.00
The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.8.8 via the 'exportusereraserequest' due to missing validation on a user controlled key. This makes it…
- CVE-2018-21002Aug 27, 2019risk 0.00cvss —epss 0.01
The js-support-ticket plugin before 2.0.6 for WordPress has CSRF.