Does Fluent Support – Helpdesk & Customer Support Ticket System have any unpatched vulnerabilities?

No. All known vulnerabilities in Fluent Support – Helpdesk & Customer Support Ticket System have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Fluent Support – Helpdesk & Customer Support Ticket System compatible with WordPress 6.9.4?

According to WordPress.org data, Fluent Support – Helpdesk & Customer Support Ticket System 2.0.6 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Fluent Support – Helpdesk & Customer Support Ticket System compatible with PHP 7.4+?

Fluent Support – Helpdesk & Customer Support Ticket System requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

Fluent Support – Helpdesk & Customer Support Ticket System Security & Risk Analysis

wordpress.org/plugins/fluent-support

Feature Rich and Super Fast Support and Customer Ticketing System for WordPress.

10K active installs v2.0.6 PHP 7.4+ WP 5.6+ Updated Mar 6, 2026

customer-support-pluginhelpdesksupport-pluginsupport-ticketwordpress-support-ticket

A · Safe

CVEs total7

Unpatched0

Last CVEJan 5, 2026

Plugin page Download

Safety Verdict

Is Fluent Support – Helpdesk & Customer Support Ticket System Safe to Use in 2026?

Generally Safe

Score 89/100

Fluent Support – Helpdesk & Customer Support Ticket System has a strong security track record. Known vulnerabilities have been patched promptly.

7 known CVEsLast CVE: Jan 5, 2026Updated 28d ago

Risk Assessment

The fluent-support plugin v2.0.6 exhibits a mixed security posture. While it demonstrates good practices with a high percentage of properly escaped outputs and a significant portion of SQL queries using prepared statements, there are notable areas of concern. The presence of an unprotected AJAX handler presents a direct entry point for potential attacks, and the use of the `unserialize` function is a significant risk if not handled with extreme caution, as it can lead to Remote Code Execution if supplied with malicious input.

The plugin's vulnerability history, with 7 known CVEs including high and medium severity issues like SQL Injection and Missing Authorization, indicates a recurring pattern of vulnerabilities. The fact that there are no currently unpatched vulnerabilities is a positive sign, but the types of past vulnerabilities suggest potential weaknesses in input validation and authorization checks.

In conclusion, while the plugin has strengths in output escaping and prepared SQL statements, the unprotected AJAX handler, the dangerous `unserialize` function, and the history of diverse and significant vulnerabilities warrant careful consideration. The attack surface includes one unprotected entry point, which, combined with the potential for deserialization vulnerabilities, elevates the overall risk profile.

Key Concerns

Unprotected AJAX handler
Dangerous function: unserialize
History of 7 CVEs (2 high, 5 medium)
Flows with unsanitized paths

Vulnerabilities

Fluent Support – Helpdesk & Customer Support Ticket System Security Vulnerabilities

CVEs by Year

1 CVE in 2022

2022

1 CVE in 2023

2023

2 CVEs in 2024

2024

2 CVEs in 2025

2025

1 CVE in 2026

2026

Patched Has unpatched

Severity Breakdown

High

Medium

7 total CVEs

CVE-2025-67926medium · 4.3Missing Authorization

Fluent Support <= 1.10.4 - Missing Authorization

Jan 5, 2026 Patched in 1.10.5 (10d)

CVE-2025-57885medium · 4.3Cross-Site Request Forgery (CSRF)

Fluent Support <= 1.9.1 - Cross-Site Request Forgery

Aug 22, 2025 Patched in 1.9.2 (5d)

CVE-2024-13568high · 7.5Exposure of Sensitive Information to an Unauthorized Actor

Fluent Support – Helpdesk & Customer Support Ticket System <= 1.8.5 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory

Feb 28, 2025 Patched in 1.8.6 (3d)

CVE-2024-47302medium · 5.3Missing Authorization

Fluent Support <= 1.8.0 - Insufficient Authorization on Email Verification

Sep 25, 2024 Patched in 1.8.1 (8d)

CVE-2024-47304medium · 6.5Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Fluent Support <= 1.8.0 - Authenticated (Subscriber+) SQL Injection

Sep 25, 2024 Patched in 1.8.1 (8d)

CVE-2023-51547medium · 6.6Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Fluent Support <= 1.7.6 - Authenticated(Administrator+) SQL Injection

Dec 27, 2023 Patched in 1.7.7 (27d)

CVE-2022-2559high · 7.2Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Fluent Support <= 1.5.7 - Authenticated (Administrator+) SQL Injection

Aug 2, 2022 Patched in 1.5.8 (539d)

Code Analysis

Analyzed Mar 16, 2026

Fluent Support – Helpdesk & Customer Support Ticket System Code Analysis

Dangerous Functions

Raw SQL Queries

29 prepared

Unescaped Output

364 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserializereturn @unserialize(trim($data), ['allowed_classes' => false]);app\Services\Helper.php:1495

SQL Query Safety

48% prepared60 total queries

Output Escaping

99% escaped369 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths

view_attachment (app\Hooks\Handlers\ExternalPages.php:75)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

Fluent Support – Helpdesk & Customer Support Ticket System Attack Surface

Entry Points5

Unprotected1

AJAX Handlers 1

authwp_ajax_fluent_support_renew_rest_nonceapp\Hooks\Handlers\AuthHandler.php:23

Shortcodes 4

[fluent_support_login] app\Hooks\Handlers\AuthHandler.php:19

[fluent_support_signup] app\Hooks\Handlers\AuthHandler.php:20

[fluent_support_auth] app\Hooks\Handlers\AuthHandler.php:21

[fluent_support_reset_password] app\Hooks\Handlers\AuthHandler.php:22

WordPress Hooks 42

actioninitapp\Hooks\actions.php:24

actioninitapp\Hooks\actions.php:58

actionlitespeed_initapp\Hooks\actions.php:80

actionninja_erp/before_add_paymentapp\Hooks\DataValidation\AccountingRestrictions.php:11

filterfluent_support/parse_smartcode_dataapp\Hooks\filters.php:8

filterfluent_support/dashboard_noticeapp\Hooks\filters.php:12

filterfluent_support/mail_to_customer_headerapp\Hooks\filters.php:26

actionfluent_support/ticket_createdapp\Hooks\Handlers\ActivityLogger.php:30

actionfluent_support/response_added_by_customerapp\Hooks\Handlers\ActivityLogger.php:50

actionfluent_support/response_added_by_agentapp\Hooks\Handlers\ActivityLogger.php:70

actionfluent_support/note_added_by_agentapp\Hooks\Handlers\ActivityLogger.php:86

actionfluent_support/ticket_closedapp\Hooks\Handlers\ActivityLogger.php:102

actionfluent_support/ticket_reopenapp\Hooks\Handlers\ActivityLogger.php:124

actionfluent_support/agent_assigned_to_ticketapp\Hooks\Handlers\ActivityLogger.php:146

actionfluent_support/ticket_deletedapp\Hooks\Handlers\ActivityLogger.php:163

actionadmin_bar_menuapp\Hooks\Handlers\AdminBarHandler.php:21

actionfluent_support/ai_response_successapp\Hooks\Handlers\AIActivityLogger.php:25

filterfluent_support/registration_form_fieldsapp\Hooks\Handlers\AuthHandler.php:126

filteruser_can_richeditapp\Hooks\Handlers\CustomerPortalHandler.php:203

actionadmin_headapp\Hooks\Handlers\Menu.php:279

filteruser_can_richeditapp\Hooks\Handlers\Menu.php:356

actionfluent_support/tickets_query_by_permission_refapp\Hooks\Handlers\PermissionFilterManager.php:12

actionfluent_support\main_tickets_queryapp\Hooks\Handlers\PermissionFilterManager.php:13

filterwp_privacy_personal_data_exportersapp\Hooks\Handlers\PrivacyHandler.php:13

filterwp_privacy_personal_data_erasersapp\Hooks\Handlers\PrivacyHandler.php:14

filterfluent_support/customer_portal_varsapp\Hooks\Handlers\ShortcodeHandler.php:26

filterfluent_support/customer_portal_varsapp\Hooks\Handlers\ShortcodeHandler.php:33

filterfluent_support/customer_portal_varsapp\Hooks\Handlers\ShortcodeHandler.php:40

filterupload_dirapp\Services\Includes\FileSystem.php:109

filterwp_handle_upload_prefilterapp\Services\Includes\FileSystem.php:197

filterupload_dirapp\Services\Includes\FileSystem.php:198

filterwp_handle_uploadapp\Services\Includes\FileSystem.php:200

actionfluent_cart/order_createdapp\Services\Integrations\FluentCart\FluentCart.php:15

filterfluentcrm_ajax_options_fs_inboxesapp\Services\Integrations\FluentCrm\CreateTicketAction.php:22

filterfluentcrm_ajax_options_fs_agentsapp\Services\Integrations\FluentCrm\CreateTicketAction.php:33

actionfluent_support/customer_createdapp\Services\Integrations\FluentCrm\FluentCRMWidgets.php:14

filterfluentcrm-support_tickets_providersapp\Services\Integrations\FluentCrm\FluentCRMWidgets.php:15

filterfluentcrm-get_support_tickets_fluent_supportapp\Services\Integrations\FluentCrm\FluentCRMWidgets.php:16

filterfluentform/notifying_async_fluent_supportapp\Services\Integrations\FluentForm\FeedIntegration.php:42

actionplugins_loadedboot\app.php:21

actionfluent_support/admin_app_loadedboot\app.php:30

actionwp_insert_sitefluent-support.php:27

Scheduled Events 6

fluent_support_hourly_tasks

fluent_support_daily_tasks

fluent_support_weekly_tasks

fluent_support_hourly_tasks

fluent_support_daily_tasks

fluent_support_weekly_tasks

Maintenance & Trust

Fluent Support – Helpdesk & Customer Support Ticket System Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 6, 2026

PHP min version7.4

Downloads251K

Community Trust

Rating90/100

Number of ratings62

Active installs10K

Alternatives

Fluent Support – Helpdesk & Customer Support Ticket System Alternatives

Awesome Support – WordPress HelpDesk & Support Plugin

awesome-support

The most versatile and feature-rich help desk and support plugin for WordPress. Provide awesome support directly from your WordPress site.

7K 24 CVEs

JS Help Desk – AI-Powered Support & Ticketing System

js-support-ticket

Professional, beautiful, complete and powerful help desk & support system for WordPress.

6K 21 CVEs

Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin

majestic-support

Majestic Support for WordPress is a top-tier ticket system that can significantly enhance your customers' support experience.

2K 1 unpatched

Nirweb support

nirweb-support

NirWeb support is a great help desk and support plugin for WordPress with full support of WooCommerce

1K 1 unpatched

Support Genix – Helpdesk, AI Chatbot, Knowledge Base & Customer Support Ticketing System

support-genix-lite

Manage customer support with a powerful helpdesk & support ticket system — track customer tickets, resolve, and streamline your support workflow.

1K 3 CVEs

Developer Profile

Fluent Support – Helpdesk & Customer Support Ticket System Developer Profile

Shahjahan Jewel

17 plugins · 1.3M total installs

trust score

Avg Security Score

92/100

Avg Patch Time

113 days

View full developer profile

Detection Fingerprints

How We Detect Fluent Support – Helpdesk & Customer Support Ticket System

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/fluent-support/app/views/admin/css/fs-settings.css/wp-content/plugins/fluent-support/app/views/admin/css/fluent-support-admin.css/wp-content/plugins/fluent-support/app/views/admin/js/fluent-support-admin.js/wp-content/plugins/fluent-support/app/views/admin/js/global_summary.js/wp-content/plugins/fluent-support/app/views/admin/js/dashboard-widget.js/wp-content/plugins/fluent-support/app/views/frontend/css/fluent-support-frontend.css/wp-content/plugins/fluent-support/app/views/frontend/js/fluent-support-frontend.js/wp-content/plugins/fluent-support/app/views/frontend/js/login-form.js+3 more

Script Paths

/wp-content/plugins/fluent-support/app/views/admin/js/fluent-support-admin.js/wp-content/plugins/fluent-support/app/views/admin/js/global_summary.js/wp-content/plugins/fluent-support/app/views/admin/js/dashboard-widget.js/wp-content/plugins/fluent-support/app/views/frontend/js/fluent-support-frontend.js/wp-content/plugins/fluent-support/app/views/frontend/js/login-form.js/wp-content/plugins/fluent-support/app/views/frontend/js/signup-form.js+2 more

Version Parameters

fluent-support/fluent-support-admin.css?ver=fluent-support/fluent-support-admin.js?ver=fluent-support/global_summary.js?ver=fluent-support/dashboard-widget.js?ver=fluent-support/fluent-support-frontend.css?ver=fluent-support/fluent-support-frontend.js?ver=fluent-support/login-form.js?ver=fluent-support/signup-form.js?ver=fluent-support/reset-password-form.js?ver=fluent-support/auth-form.js?ver=

HTML / DOM Fingerprints

CSS Classes

fs_dash_wrapperfs_dash_tablefst_login_form_auth_wrapperfst_login_wrapperfst_signup_form_wrapperfst_reset_password_wrapperfluent_support_widget_container

HTML Comments

+3 more

Data Attributes

id="fst_login_form"id="fs_show_signup"id="fs_show_reset_password"id="fluent_support_reports_widget"

JS Globals

fst_bar_varsfluent_support_global

REST Endpoints

/wp-json/fluent-support/v1

Shortcode Output

<div class="fst_login_form_auth_wrapper"><div class="fst_signup_form_wrapper"><div class="fst_reset_password_wrapper">

FAQ