Login Sign Up

CVE-2023-25444

9.1 CRITICAL

📋 TL;DR

This vulnerability allows attackers to upload malicious files to WordPress sites using the JS Help Desk plugin. It affects all versions up to 2.7.7, potentially leading to complete site compromise.

💻 Affected Systems

Products:
  • JS Help Desk – Best Help Desk & Support Plugin for WordPress
Versions: All versions up to and including 2.7.7
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Affects WordPress installations with the vulnerable plugin enabled.

📦 What is this software?

Js Help Desk by Joomsky

View all CVEs affecting Js Help Desk →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to full server compromise, data theft, and website defacement.

🟠

Likely Case

Malware upload leading to backdoor installation, credential theft, and unauthorized administrative access.

🟢

If Mitigated

Limited impact if file uploads are disabled or strict file type validation is enforced.

🌐 Internet-Facing: HIGH - WordPress plugins are typically internet-facing and this allows unauthenticated file upload.
🏢 Internal Only: MEDIUM - Internal systems could still be compromised if plugin is used internally.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Simple file upload exploitation with publicly available proof-of-concept.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.7.8 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/js-support-ticket/wordpress-js-help-desk-best-help-desk-support-plugin-plugin-2-7-7-arbitrary-file-upload-vulnerability

Restart Required: No

Instructions:

1. Update JS Help Desk plugin to version 2.7.8 or higher via WordPress admin panel. 2. Verify update completes successfully. 3. Clear WordPress cache if applicable.

🔧 Temporary Workarounds

Disable file uploads

all

Temporarily disable file upload functionality in the plugin settings

Web server file type restrictions

linux

Configure web server to block execution of uploaded files in upload directories

# Apache: Add to .htaccess in upload directory
<FilesMatch "\.(php|phtml|php3|php4|php5|pl|py|jsp|asp|sh|cgi)$">
  Order Deny,Allow
  Deny from all
</FilesMatch>
# Nginx: Add to server block
location ~* \.(php|phtml|php3|php4|php5|pl|py|jsp|asp|sh|cgi)$ {
  deny all;
}

🧯 If You Can't Patch

  • Disable or uninstall the JS Help Desk plugin immediately
  • Implement web application firewall rules to block malicious file uploads

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > JS Help Desk version. If version is 2.7.7 or lower, you are vulnerable.

Check Version:

# WordPress CLI
wp plugin list --name="js-help-desk" --field=version

# Or check wp-content/plugins/js-help-desk/js-support-ticket.php header

Verify Fix Applied:

Verify plugin version is 2.7.8 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads to /wp-content/uploads/js-support-ticket/
  • POST requests to upload endpoints with suspicious file extensions
  • Web shell access patterns in access logs

Network Indicators:

  • HTTP POST requests to /wp-admin/admin-ajax.php with file upload parameters
  • Traffic to unexpected PHP files in upload directories

SIEM Query:

source="web_access_logs" AND (uri_path="*admin-ajax.php*" AND method="POST" AND (form_data="*action=upload*" OR form_data="*jsst_upload*"))

📊 Metadata

CVE ID: CVE-2023-25444
CVSS v3 Score: 9.1 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CWE: CWE-434
Published: May 17, 2024
Last Updated: January 23, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-25444, you might also want to check these:

CVE-2024-52490 10.0

This vulnerability allows attackers to upload arbitrary files, including web shells, to Pathomation ...

Same vulnerability type (CWE-434)
CVE-2024-43160 10.0

CVE-2024-43160 is an unauthenticated arbitrary file upload vulnerability in the BerqWP WordPress plu...

Same vulnerability type (CWE-434)
CVE-2024-8940 10.0

CVE-2024-8940 is a critical unrestricted file upload vulnerability in Scriptcase version 9.4.019 tha...

Same vulnerability type (CWE-434)