Skip to main content

JS Help Desk CVE-2026-57652

| EUVDEUVD-2026-39767 MEDIUM
Authorization Bypass Through User-Controlled Key (CWE-639)
2026-06-26 audit@patchstack.com GHSA-f9qq-cqgc-cmmx
5.3
CVSS 3.1 · Vendor: patchstack
Share

Severity by source

Vendor (patchstack) PRIMARY
5.3 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
vuln.today AI
5.3 MEDIUM

Unauthenticated network exploitation with no complexity; IDOR yields read-only access to ticket data, so only C:L applies with no integrity or availability impact.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (patchstack).

CVSS VectorVendor: patchstack

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

1
Analysis Generated
Jun 26, 2026 - 16:09 vuln.today

DescriptionCVE.org

Unauthenticated Insecure Direct Object References (IDOR) in JS Help Desk <= 3.1.0 versions.

AnalysisAI

Unauthenticated IDOR in the JS Help Desk WordPress plugin (versions ≤3.1.0) exposes support ticket objects to unauthorized access by any remote attacker. The CVSS vector (AV:N/AC:L/PR:N/UI:N) confirms exploitation requires no authentication and no user interaction against a default plugin installation. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Identify WordPress site with JS Help Desk ≤3.1.0
Exploit
Send unauthenticated HTTP request with manipulated ticket object reference
Execution
Server returns ticket data without authorization check
Impact
Enumerate additional ticket IDs to harvest user data

Vulnerability AssessmentAI

Exploitation No special conditions are required beyond the plugin being installed, active, and publicly accessible on a WordPress site running version ≤3.1.0. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 5.3 Medium score is consistent with the actual risk profile: network-reachable, zero authentication required, low complexity, but impact confined to partial confidentiality (C:L) with no integrity or availability exposure (I:N/A:N). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An unauthenticated attacker sends HTTP requests to the JS Help Desk plugin's endpoint with sequentially or randomly modified ticket ID parameters. Because no authorization check validates ownership, the server returns ticket contents for any valid ID. …
Remediation Update JS Help Desk to the first version released after 3.1.0; the Patchstack advisory linked above should specify the exact patched version, which is not explicitly stated in the available source data - the precise fix version is not independently confirmed here. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-57652 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy