Joomsky Js_help_desk
12 CVEs affecting Joomsky Js_help_desk. Latest disclosed: 2025-04-01. Critical: 3, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-30886 | Critical | 9.3 | 2025-04-01 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Help Desk js-support-ticket allows SQL Injecti… |
CVE-2022-46838 | Critical | 9.1 | 2024-12-13 | Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Secu… |
CVE-2023-25444 | Critical | 9.1 | 2024-05-17 | Unrestricted Upload of File with Dangerous Type vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Using Malicious Files.This… |
CVE-2018-21002 | High | 8.8 | 2019-08-27 | The js-support-ticket plugin before 2.0.6 for WordPress has CSRF. |
CVE-2025-30878 | High | 8.6 | 2025-04-01 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk js-support-ticket allows Path Traversal.Th… |
CVE-2022-47151 | High | 8.6 | 2024-04-17 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plug… |
CVE-2025-30901 | High | 8.1 | 2025-04-01 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Help Desk js-support-ticket… |
CVE-2025-30882 | High | 7.5 | 2025-04-01 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk js-support-ticket allows Path Traversal.Th… |
CVE-2025-30880 | High | 7.5 | 2025-04-01 | Missing Authorization vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issu… |
CVE-2024-51670 | Medium | 5.9 | 2024-11-09 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomSky JS Help Desk js-support-ticket allows Stored XSS… |
CVE-2024-43274 | Medium | 5.8 | 2024-11-01 | Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Accessing Functionality Not Properly Constrained by A… |
CVE-2022-46840 | Medium | 5.4 | 2024-12-13 | Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Secu… |