本頁列出影響 joomsky js_help_desk 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2025-30901 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Help Desk js-support-ticket allows PHP Local File Inclusion.This issue affects JS Help Desk: from n/a through <= 2.9.2. | [email protected] | 8.1 | 0.76% | 2025-04-01 | 2026-06-17 |
| CVE-2025-30886 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Help Desk js-support-ticket allows SQL Injection.This issue affects JS Help Desk: from n/a through <= 2.9.2. | [email protected] | 9.3 | 0.46% | 2025-04-01 | 2026-06-17 |
| CVE-2025-30882 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk js-support-ticket allows Path Traversal.This issue affects JS Help Desk: from n/a through <= 2.9.1. | [email protected] | 7.5 | 0.56% | 2025-04-01 | 2026-06-17 |
| CVE-2025-30880 | Missing Authorization vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk: from n/a through <= 2.9.2. | [email protected] | 7.5 | 0.47% | 2025-04-01 | 2026-06-17 |
| CVE-2025-30878 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk js-support-ticket allows Path Traversal.This issue affects JS Help Desk: from n/a through <= 2.9.2. | [email protected] | 8.6 | 0.55% | 2025-04-01 | 2026-06-17 |
| CVE-2022-46840 | Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1. | [email protected] | 5.4 | 0.45% | 2024-12-13 | 2026-06-17 |
| CVE-2022-46838 | Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1. | [email protected] | 9.1 | 0.71% | 2024-12-13 | 2026-06-17 |
| CVE-2024-51670 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomSky JS Help Desk js-support-ticket allows Stored XSS.This issue affects JS Help Desk: from n/a through <= 2.8.7. | [email protected] | 5.9 | 0.25% | 2024-11-09 | 2026-06-17 |
| CVE-2024-43274 | Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.8.6. | [email protected] | 5.8 | 0.44% | 2024-11-01 | 2026-06-17 |
| CVE-2023-25444 | Unrestricted Upload of File with Dangerous Type vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Using Malicious Files.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.7. | [email protected] | 9.1 | 0.69% | 2024-05-17 | 2026-06-17 |
| CVE-2022-47151 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1. | [email protected] | 8.6 | 0.44% | 2024-04-17 | 2026-06-17 |
| CVE-2018-21002 | The js-support-ticket plugin before 2.0.6 for WordPress has CSRF. | [email protected] | 8.8 | 0.68% | 2019-08-27 | 2026-06-16 |