{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32535", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-03-12T11:12:24.777Z", "datePublished": "2026-03-25T16:15:10.312Z", "dateUpdated": "2026-03-26T13:36:09.955Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "js-support-ticket", "product": "JS Help Desk", "vendor": "JoomSky", "versions": [{"changes": [{"at": "3.0.4", "status": "unaffected"}], "lessThanOrEqual": "<= 3.0.3", "status": "affected", "version": "n/a", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Bonds | Patchstack Bug Bounty Program"}], "datePublic": "2026-03-25T17:12:42.496Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.<p>This issue affects JS Help Desk: from n/a through <= 3.0.3.</p>"}], "value": "Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk: from n/a through <= 3.0.3."}], "impacts": [{"capecId": "CAPEC-180", "descriptions": [{"lang": "en", "value": "Exploiting Incorrectly Configured Access Control Security Levels"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-639", "description": "Authorization Bypass Through User-Controlled Key", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:15:10.312Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/js-support-ticket/vulnerability/wordpress-js-help-desk-plugin-3-0-3-insecure-direct-object-references-idor-vulnerability?_s_id=cve"}], "title": "WordPress JS Help Desk plugin <= 3.0.3 - Insecure Direct Object References (IDOR) vulnerability"}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-26T13:17:10.642278Z", "id": "CVE-2026-32535", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T13:36:09.955Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-32535", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-26T13:17:10.642278Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T13:17:01.528Z"}}], "cna": {"title": "WordPress JS Help Desk plugin <= 3.0.3 - Insecure Direct Object References (IDOR) vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Bonds | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-180", "descriptions": [{"lang": "en", "value": "Exploiting Incorrectly Configured Access Control Security Levels"}]}], "affected": [{"vendor": "JoomSky", "product": "JS Help Desk", "versions": [{"status": "affected", "changes": [{"at": "3.0.4", "status": "unaffected"}], "version": "n/a", "versionType": "custom", "lessThanOrEqual": "<= 3.0.3"}], "packageName": "js-support-ticket", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-03-25T17:12:42.496Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/js-support-ticket/vulnerability/wordpress-js-help-desk-plugin-3-0-3-insecure-direct-object-references-idor-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk: from n/a through <= 3.0.3.", "supportingMedia": [{"type": "text/html", "value": "Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.<p>This issue affects JS Help Desk: from n/a through <= 3.0.3.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-639", "description": "Authorization Bypass Through User-Controlled Key"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:15:10.312Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32535", "state": "PUBLISHED", "dateUpdated": "2026-03-26T13:36:09.955Z", "dateReserved": "2026-03-12T11:12:24.777Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-03-25T16:15:10.312Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk: from n/a through <= 3.0.3."}, {"lang": "es", "value": "Vulnerabilidad de elusi\u00f3n de autorizaci\u00f3n a trav\u00e9s de clave controlada por el usuario en JoomSky JS Help Desk js-support-ticket permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a JS Help Desk: desde n/a hasta &lt;= 3.0.3."}], "id": "CVE-2026-32535", "lastModified": "2026-03-30T13:27:12.923", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-25T17:17:07.160", "references": [{"source": "[email protected]", "url": "https://patchstack.com/database/Wordpress/Plugin/js-support-ticket/vulnerability/wordpress-js-help-desk-plugin-3-0-3-insecure-direct-object-references-idor-vulnerability?_s_id=cve"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-639"}], "source": "[email protected]", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,3.0.3]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[3.0.4,*]"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "JS Help Desk", "source": "cna", "vendor": "JoomSky"}, "product": "js_help_desk", "vendor": "joomsky"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-03-26T15:59:37.008369+00:00", "value": {"mitigation_remediation": ["Upgrade to JS Help Desk version 3.0.4 or later to remove the IDOR flaw.", "If upgrade is not possible immediately, restrict access to the plugin\u2019s administrative pages using web server rules or firewall settings to limit exposure to authorized users only.", "Monitor incoming requests for anomalous ticket key values to detect potential abuse."], "summary": {"action": "Update Plugin", "impact": "Authorization Bypass via IDOR"}, "threat_synthesis": {"affected_systems": "Affected systems include installations of the JS Help Desk WordPress plugin from any version up to and including 3.0.3. The issue is present in all releases before that version, with the exact edition unspecified beyond the upper bound. No later versions are listed as vulnerable.", "description_and_impact": "The JoomSky JS Help Desk WordPress plugin contains an Authorization Bypass through User\u2011Controlled Key flaw, which permits an attacker to reference tickets belonging to other users by manipulating a key value. This insecure direct object reference undermines confidentiality and integrity, as unauthorized users may view or modify tickets that do not belong to them. The weakness is classified as CWE\u2011639.", "risk_and_exploitability": "The CVSS score of 6.5 indicates medium severity, and the EPSS score of less than 1\u202f% suggests a low probability of exploitation in the wild. The vulnerability is not listed in CISA\u2019s KEV catalog. Based on the description, the likely attack vector is remote, over the web, by sending crafted HTTP requests that supply a manipulated key to the plugin\u2019s endpoints. Exploitation would require either authenticated access or the ability to guess valid key values."}}}}, "created": "2026-03-25T21:47:05.439893+00:00", "updated": "2026-03-27T09:30:38.314980+00:00", "vendors": ["joomsky", "joomsky$PRODUCT$js_help_desk", "wordpress", "wordpress$PRODUCT$wordpress"]}