EUVD-2026-16177
GHSA-8398-gmmx-564h
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
4Description
The JS Help Desk - AI-Powered Support & Ticketing System plugin for WordPress is vulnerable to SQL Injection via the `multiformid` parameter in the `storeTickets()` function in all versions up to, and including, 3.0.4. This is due to the user-supplied `multiformid` value being passed to `esc_sql()` without enclosing the result in quotes in the SQL query, rendering the escaping ineffective against payloads that do not contain quote characters. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Analysis
Unauthenticated SQL injection in JS Help Desk WordPress plugin versions up to 3.0.4 allows remote attackers to extract sensitive database information via the multiformid parameter in the storeTickets() function. The vulnerability exploits improper use of esc_sql() without SQL quote encapsulation, enabling injection of additional SQL queries without requiring quote characters. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Audit deployed versions of JS Help Desk plugin across all WordPress instances and identify all systems running version 3.0.4 or earlier. Within 7 days: Disable or restrict the storeTickets() function via Web Application Firewall (WAF) rules blocking requests with suspicious multiformid parameter patterns, and implement network segmentation to limit direct database access from the WordPress application layer. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today