CVE-2023-7337
SQL Injection in JS Help Desk Plugin Allows Data Extraction
Publication date: 2026-03-04
Last updated on: 2026-03-04
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| js_help_desk | js_support_ticket | to 2.8.3 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The JS Help Desk β AI-Powered Support & Ticketing System plugin for WordPress version 2.8.2 is vulnerable to SQL Injection through the 'js-support-ticket-token-tkstatus' cookie.
This vulnerability exists because a previous fix for CVE-2023-50839 was incomplete, leaving a second sink with insufficient escaping of user-supplied values and inadequate preparation of the SQL query.
As a result, unauthenticated attackers can append additional SQL queries to existing ones, potentially extracting sensitive information from the database.
How can this vulnerability impact me? :
This vulnerability allows unauthenticated attackers to perform SQL Injection attacks, which can lead to unauthorized extraction of sensitive information from the database.
Because the attacker does not need to be authenticated, the risk of data exposure is higher.
The CVSS score of 7.5 indicates a high severity impact on confidentiality, meaning sensitive data could be compromised.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring HTTP requests for the presence of the 'js-support-ticket-token-tkstatus' cookie containing suspicious or crafted SQL injection payloads.
Network or system administrators can inspect web server logs or use tools like curl or wget to send requests with manipulated 'js-support-ticket-token-tkstatus' cookie values to test if the system is vulnerable.
- Example curl command to test for SQL injection via the vulnerable cookie: curl -v --cookie "js-support-ticket-token-tkstatus=' OR 1=1--" https://yourwordpresssite.com
- Use web application scanners that support cookie-based injection testing to automate detection.
What immediate steps should I take to mitigate this vulnerability?
[{'type': 'paragraph', 'content': 'The immediate mitigation step is to update the JS Help Desk β AI-Powered Support & Ticketing System plugin to version 2.8.3 or later, where the vulnerability has been fixed.'}, {'type': 'paragraph', 'content': 'If updating is not immediately possible, consider temporarily disabling the plugin or restricting access to it until the patch can be applied.'}, {'type': 'paragraph', 'content': "Additionally, monitor logs for suspicious activity involving the 'js-support-ticket-token-tkstatus' cookie and implement web application firewall (WAF) rules to block malicious SQL injection attempts targeting this parameter."}] [1]