JS Help Desk — Vulnerabilities & Security Advisories 13

All 13 CVE vulnerabilities found in JS Help Desk, with AI-generated Chinese analysis, references, and POCs.

Vendor: JS Help Desk

CVE ID	Title	CVSS	Severity	Published
CVE-2026-32535	WordPress JS Help Desk plugin <= 3.0.3 - Insecure Direct Object References (IDOR) vulnerability CWE-639	9.1	-	2026-03-25
CVE-2026-32534	WordPress JS Help Desk plugin <= 3.0.3 - SQL Injection vulnerability CWE-89	9.8	-	2026-03-25
CVE-2026-24959	WordPress JS Help Desk plugin <= 3.0.1 - SQL Injection vulnerability CWE-89	9.8^AI	Critical^AI	2026-02-20
CVE-2025-30878	WordPress JS Help Desk plugin <= 2.9.2 - Arbitrary File Deletion vulnerability CWE-22	8.6	High	2025-04-01
CVE-2025-30882	WordPress JS Help Desk plugin <= 2.9.1 - Arbitrary File Download vulnerability CWE-22	7.5	High	2025-04-01
CVE-2025-30886	WordPress JS Help Desk plugin <= 2.9.2 - SQL Injection vulnerability CWE-89	9.3	Critical	2025-04-01
CVE-2025-30901	WordPress JS Help Desk plugin <= 2.9.2 - Local File Inclusion vulnerability CWE-98	8.1	High	2025-04-01
CVE-2025-30880	WordPress JS Help Desk plugin <= 2.9.2 - Broken Access Control vulnerability CWE-862	7.5	High	2025-04-01
CVE-2022-46840	WordPress JS Help Desk plugin <= 2.7.1 - Broken Access Control CWE-862	5.4	Medium	2024-12-13
CVE-2022-46838	WordPress JS Help Desk plugin <= 2.7.1 - Unauthenticated Settings Change Vulnerability CWE-862	9.1	Critical	2024-12-13
CVE-2024-51670	WordPress JS Help Desk plugin <= 2.8.7 - Stored Cross Site Scripting (XSS) vulnerability CWE-79	5.9	Medium	2024-11-09
CVE-2023-23679	WordPress JS Help Desk – Best Help Desk & Support Plugin Plugin <= 2.7.7 is vulnerable to Insecure Direct Object References (IDOR) CWE-639	4.6	Medium	2023-06-23
CVE-2022-46842	WordPress JS Help Desk plugin <= 2.7.1 is vulnerable to Cross Site Request Forgery (CSRF) CWE-352	5.4	Medium	2023-02-02

All 13 known CVE vulnerabilities affecting JS Help Desk with full Chinese analysis, references, and POCs where available.