[WordPress JS Help Desk – Best Help Desk & Support Plugin](versions 2.7.1 and older) Vulnerable for Arbitrary File Upload

Importance (CVSS3.0)

★★★★★★★★★★　10 / 10　 - Critical

Details

A vulnerability of Arbitrary File Upload was discovered in WordPress JS Help Desk - Best Help Desk & Support Plugin.

Therefore malicious attackers can upload any kinds of files. This can include backdoors that are executed to gain further access to your website.

Solutions

Update WordPress JS Help Desk - Best Help Desk & Support Plugin to the newest (2.7.2 and newer).

Source

CVE-2022-46839

We provide information about critical vulnerabilities of WordPress for people who are using or are considering using Wordpress for their projects.

“[WordPress JS Help Desk – Best Help Desk & Support Plugin](versions 2.7.1 and older) Vulnerable for Arbitrary File Upload”, by WS Security is licensed under CC BY 4.0.