Cyber Resilience

CVE-2024-13606

Severity: High
Published: 13 February 2025
Modified: 18 February 2025
KEV: not listed
Patch: available (update beyond 2.8.8)
CVSS v3.1 score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
EPSS score: 0.0029 (52.4th percentile)
Risk priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-13606 is a high-severity Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) vulnerability in Wiselyhub Js Help Desk. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005). By EPSS exploit likelihood it ranks in the top 47.6% of CVEs, and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and AC-22 (Publicly Accessible Content).

Deeper analysis

CVE-2024-13606 is a sensitive information exposure vulnerability affecting the JS Help Desk – The Ultimate Help Desk & Support Plugin for WordPress in all versions up to and including 2.8.8. The issue stems from insecure storage of data in the /wp-content/uploads/jssupportticketdata directory, which can contain file attachments from support tickets. This flaw, classified under CWE-200, has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high confidentiality impact with no requirements for privileges or user interaction.

Unauthenticated attackers can exploit this vulnerability remotely over the network with low complexity by directly accessing the exposed jssupportticketdata directory. Successful exploitation allows extraction of sensitive data, such as file attachments included in support tickets, potentially leading to disclosure of confidential information without affecting integrity or availability.

Advisories, including those from Wordfence, highlight the vulnerability and reference the affected code in the plugin's uploads.php file at version 2.8.8. Mitigation involves updating the plugin to a version beyond 2.8.8, where the insecure directory exposure is addressed, and reviewing uploads for any already compromised data.
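The exposure described above is a direct, unauthenticated fetch from the plugin's attachment directory, so the most useful artefact a defender has after patching is the web server access log. The following is an added example (not code from the advisory, from Wordfence or from Wiselyhub) that flags every request touching the /wp-content/uploads/jssupportticketdata directory named in this record, distinguishes directory-listing attempts from individual attachment fetches, and counts hits per client address. It assumes Apache/nginx "combined" log format and uses constructed sample lines; the idea that legitimate downloads normally go through the plugin's own endpoints rather than the raw uploads path is an assumption, not something the advisory states.

```python
"""Flag access-log requests that touch the JS Help Desk attachment directory.

Added example for review of a patched site; not part of the advisory or plugin.
Assumptions (not stated on the page): logs are in combined format, and direct
hits on the raw uploads path are unusual enough to be worth reviewing.
"""
import re
from collections import defaultdict
from dataclasses import dataclass, field
from urllib.parse import unquote, urlsplit

# Directory named in the advisory. Anything at or below it is of interest.
EXPOSED_DIR = "/wp-content/uploads/jssupportticketdata/"

# Apache/nginx "combined" log format (client, ident, user, timestamp, request, status, size, ...).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)


@dataclass
class Hit:
    ip: str
    ts: str
    method: str
    path: str
    status: int
    listing: bool  # True when the request targets a directory rather than a file


@dataclass
class Report:
    hits: list = field(default_factory=list)
    per_ip: dict = field(default_factory=lambda: defaultdict(int))
    listing_attempts: int = 0  # requests for the directory itself (index exposure)
    served: int = 0            # requests the server answered with 2xx


def normalize_path(target: str) -> str:
    """Decode percent-encoding, drop the query string and resolve '.', '..' and
    repeated slashes so that obfuscated spellings of the directory still match."""
    path = unquote(urlsplit(target).path)
    parts = []
    for seg in path.split("/"):
        if seg == "..":
            if parts:
                parts.pop()
        elif seg not in ("", "."):
            parts.append(seg)
    norm = "/" + "/".join(parts)
    if path.endswith("/") and norm != "/":
        norm += "/"
    return norm


def parse_line(line: str):
    """Return a Hit if the line is a request into EXPOSED_DIR, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None  # unparseable line: ignored, not an error
    path = normalize_path(m.group("target"))
    base = EXPOSED_DIR.rstrip("/")
    if path != base and not path.startswith(EXPOSED_DIR):
        return None
    return Hit(ip=m.group("ip"), ts=m.group("ts"), method=m.group("method"),
               path=path, status=int(m.group("status")),
               listing=(path == base or path.endswith("/")))


def scan(lines) -> Report:
    """Aggregate all hits on the exposed directory across an iterable of log lines."""
    report = Report()
    for line in lines:
        hit = parse_line(line)
        if hit is None:
            continue
        report.hits.append(hit)
        report.per_ip[hit.ip] += 1
        if hit.listing:
            report.listing_attempts += 1
        if 200 <= hit.status < 300:
            report.served += 1
    return report


# Constructed sample lines (RFC 5737 documentation addresses), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [14/Feb/2025:10:01:02 +0000] "GET /wp-content/uploads/jssupportticketdata/ HTTP/1.1" 200 5120 "-" "curl/8.5.0"',
    '203.0.113.7 - - [14/Feb/2025:10:01:03 +0000] "GET /wp-content/uploads/jssupportticketdata/ticket-41/invoice.pdf HTTP/1.1" 200 88211 "-" "curl/8.5.0"',
    '198.51.100.4 - - [14/Feb/2025:10:02:10 +0000] "GET /wp-content/uploads/jssupportticketdata/%2e%2e/2025/02/logo.png HTTP/1.1" 200 1222 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [14/Feb/2025:10:03:00 +0000] "GET /wp-content/uploads//jssupportticketdata/ticket-42/screenshot.png?x=1 HTTP/1.1" 403 199 "-" "Mozilla/5.0"',
    '192.0.2.55 - - [14/Feb/2025:10:04:00 +0000] "GET /wp-admin/admin-ajax.php HTTP/1.1" 200 300 "-" "Mozilla/5.0"',
    'garbage line that does not parse',
]

if __name__ == "__main__":
    r = scan(SAMPLE_LOG)
    print(f"{len(r.hits)} request(s) into {EXPOSED_DIR}; "
          f"{r.listing_attempts} listing attempt(s); {r.served} served with 2xx")
    for ip, n in sorted(r.per_ip.items(), key=lambda kv: -kv[1]):
        print(f"  {ip}: {n}")
```

Listing attempts that were answered with 200 are the ones to treat as confirmed exposure of the directory index; individual file fetches with 200 identify which ticket attachments to assume disclosed. The third sample line shows why the path is normalised first: after resolving the encoded `..` it points outside the directory and is correctly left unflagged, while the fourth line's doubled slash and query string do not hide the match.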


Vulnerability details

The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.8.8 via the 'jssupportticketdata' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads/jssupportticketdata directory which can contain file attachments included in support tickets.

CWE(s)

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1005 Data from Local System (Collection): Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Direct, remote, unauthenticated file access to the exposed uploads directory enables T1005 (Data from Local System), and that access is obtained by exploiting a public-facing web application (T1190).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-22973 (shared CWE-200)
CVE-2024-43707 (shared CWE-200)
CVE-2024-13622 (shared CWE-200)
CVE-2024-13611 (shared CWE-200)
CVE-2024-13600 (shared CWE-200)
CVE-2024-55272 (shared CWE-200)
CVE-2025-26167 (shared CWE-200)
CVE-2024-13568 (shared CWE-200)
CVE-2024-13638 (shared CWE-200)
CVE-2025-24253 (shared CWE-200)

Affected Assets

Vendor: wiselyhub
Product: js help desk
Versions: ≤ 2.8.9

Mitigating Controls (NIST 800-53 r5, AI)

AC-22 Publicly Accessible Content (prevent): Directly requires reviewing, restricting, and removing publicly accessible content to prevent exposure of sensitive directories like jssupportticketdata containing support ticket attachments.

Flaw remediation (prevent): Mandates timely flaw remediation, such as patching the JS Help Desk plugin beyond version 2.8.8 to address the insecure directory storage.

AC-14 Permitted Actions Without Identification or Authentication (prevent): Explicitly authorizes and limits actions permitted without identification or authentication, preventing unauthenticated access to the exposed sensitive data directory.
