This page lists publicly disclosed CVE vulnerabilities affecting joomsky js_help_desk (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-30901 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Help Desk js-support-ticket allows PHP Local File Inclusion.This issue affects JS Help Desk: from n/a through <= 2.9.2. | [email protected] | 8.1 | 0.75% | 2025-04-01 | 2026-04-23 |
| CVE-2025-30886 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Help Desk js-support-ticket allows SQL Injection.This issue affects JS Help Desk: from n/a through <= 2.9.2. | [email protected] | 9.3 | 0.11% | 2025-04-01 | 2026-04-23 |
| CVE-2025-30882 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk js-support-ticket allows Path Traversal.This issue affects JS Help Desk: from n/a through <= 2.9.1. | [email protected] | 7.5 | 0.36% | 2025-04-01 | 2026-04-23 |
| CVE-2025-30880 | Missing Authorization vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk: from n/a through <= 2.9.2. | [email protected] | 7.5 | 0.23% | 2025-04-01 | 2026-04-23 |
| CVE-2025-30878 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk js-support-ticket allows Path Traversal.This issue affects JS Help Desk: from n/a through <= 2.9.2. | [email protected] | 8.6 | 0.26% | 2025-04-01 | 2026-04-23 |
| CVE-2022-46840 | Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1. | [email protected] | 5.4 | 0.16% | 2024-12-13 | 2026-04-28 |
| CVE-2022-46838 | Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1. | [email protected] | 9.1 | 0.38% | 2024-12-13 | 2026-04-28 |
| CVE-2024-51670 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomSky JS Help Desk js-support-ticket allows Stored XSS.This issue affects JS Help Desk: from n/a through <= 2.8.7. | [email protected] | 5.9 | 0.16% | 2024-11-09 | 2026-04-23 |
| CVE-2024-43274 | Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.8.6. | [email protected] | 5.8 | 0.26% | 2024-11-01 | 2026-01-26 |
| CVE-2023-25444 | Unrestricted Upload of File with Dangerous Type vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Using Malicious Files.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.7. | [email protected] | 9.1 | 0.69% | 2024-05-17 | 2026-01-23 |
| CVE-2022-47151 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1. | [email protected] | 8.6 | 0.18% | 2024-04-17 | 2026-04-28 |
| CVE-2018-21002 | The js-support-ticket plugin before 2.0.6 for WordPress has CSRF. | [email protected] | 8.8 | 0.11% | 2019-08-27 | 2024-11-21 |