Nifty Desk – Ultimate Support Desk Plugin Security & Risk Analysis

wordpress.org/plugins/nifty-desk

Create a comprehensive support help desk and support ticket system in minutes with Nifty Desk.

10 active installs · v1.03 · PHP + WP 3.5+ · Updated Feb 19, 2017
Tags: support, support-plugin, support-ticket, support-tickets, ticket-plugin
Score: 85 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Nifty Desk – Ultimate Support Desk Plugin Safe to Use in 2026?

Generally Safe

Score 85/100

Nifty Desk – Ultimate Support Desk Plugin has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 9yr ago
Risk Assessment

The "nifty-desk" v1.03 plugin exhibits a mixed security posture. While it demonstrates strong practices in utilizing prepared statements for all SQL queries and avoids bundled libraries, significant concerns arise from its attack surface and taint analysis. A substantial portion of its AJAX handlers (19 out of 21) and all of its REST API routes lack proper authentication or permission checks. This creates a large potential entry point for attackers. Furthermore, the taint analysis reveals flows with unsanitized paths, including two of high severity, indicating potential vulnerabilities if these flows are triggered by user input. The plugin's clean vulnerability history is a positive sign, suggesting a history of secure development or prompt patching, but it does not negate the risks identified in the current static and taint analysis. Overall, while the core database interactions are secure, the exposed entry points and identified unsanitized data flows present notable risks that require attention.

Key Concerns

  • Large attack surface without auth checks
  • High severity taint flows with unsanitized paths
  • REST API routes without permission callbacks
  • AJAX handlers without authentication checks
  • Flows with unsanitized paths (general)
Vulnerabilities
None known

Nifty Desk – Ultimate Support Desk Plugin Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Nifty Desk – Ultimate Support Desk Plugin Release Timeline

v1.02
v1.01
v1.0
Code Analysis
Analyzed Mar 17, 2026

Nifty Desk – Ultimate Support Desk Plugin Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (27 prepared)
Unescaped Output: 123 (162 escaped)
Nonce Checks: 5
Capability Checks: 17
File Operations: 22
External Requests: 2
Bundled Libraries: 0

SQL Query Safety

100% prepared · 27 total queries

Output Escaping

57% escaped · 285 total outputs
Data Flows · Security
5 unsanitized

Data Flow Analysis

6 flows · 5 with unsanitized paths
nifty_desk_rep_ajax_callback (modules\reporting-ajax.php:4)
Flow diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface
22 unprotected

Nifty Desk – Ultimate Support Desk Plugin Attack Surface

Entry Points: 30
Unprotected: 22

AJAX Handlers 21

auth · wp_ajax_nifty_desk_db_request_tickets_from_control · modules\dashboard-ajax.php:3
auth · wp_ajax_nifty_desk_db_request_tickets_from_control_by_view · modules\dashboard-ajax.php:4
auth · wp_ajax_nifty_desk_fetch_channels · modules\dashboard-ajax.php:5
auth · wp_ajax_nifty_desk_db_request_ticket_from_content_list · modules\dashboard-ajax.php:6
auth · wp_ajax_nifty_desk_db_update_ticket_status · modules\dashboard-ajax.php:7
auth · wp_ajax_nifty_desk_db_update_ticket_priority · modules\dashboard-ajax.php:8
auth · wp_ajax_nifty_desk_submit_response · modules\dashboard-ajax.php:9
auth · wp_ajax_nifty_desk_db_request_tickets_from_control_priority · modules\dashboard-ajax.php:10
auth · wp_ajax_nifty_desk_delete_ticket · modules\dashboard-ajax.php:11
auth · wp_ajax_nifty_desk_modern_submit_internal_note · modules\dashboard-ajax.php:12
auth · wp_ajax_nifty_desk_db_bulk_delete_tickets · modules\dashboard-ajax.php:13
auth · wp_ajax_nifty_desk_delete_channel · modules\dashboard-ajax.php:14
auth · wp_ajax_nifty_desk_db_search_ticets · modules\dashboard-ajax.php:15
auth · wp_ajax_nifty_desk_resend_notification · modules\dashboard-ajax.php:16
auth · wp_ajax_nifty_desk_delete_schedule · modules\dashboard-ajax.php:17
auth · wp_ajax_nifty_desk_merge_get_ticket_details · modules\dashboard-ajax.php:19
auth · wp_ajax_nifty_desk_merge_tickets · modules\dashboard-ajax.php:20
auth · wp_ajax_nifty_desk_rep_update_stats · modules\reporting-ajax.php:3
auth · wp_ajax_nifty_desk_change_originator · modules\widgets.php:31
auth · wp_ajax_nifty_desk_save_response · nifty-desk.php:194
auth · wp_ajax_nifty_desk_save_note · nifty-desk.php:195

REST API Routes 3

GET, POST · /wp-json/nifty_desk/v1/create_ticket · modules\api\nifty-desk-api-routes.php:11
GET, POST · /wp-json/nifty_desk/v1/view_ticket · modules\api\nifty-desk-api-routes.php:16
GET, POST · /wp-json/nifty_desk/v1/delete_ticket · modules\api\nifty-desk-api-routes.php:21

Shortcodes 6

[nifty_desk_submit_ticket] nifty-desk.php:79
[nifty_desk_ticket_title] templates\templates.php:294
[nifty_desk_ticket_responses] templates\templates.php:295
[nifty_desk_ticket_response_form] templates\templates.php:296
[nifty_desk_ticket_author_details] templates\templates.php:297
[nifty_desk_ticket_notices] templates\templates.php:298
WordPress Hooks 69
action · rest_api_init · modules\api\nifty-desk-api-routes.php:10
action · nifty_desk_activate_hook · modules\api\nifty-desk-api.php:18
action · nifty_desk_update_hook · modules\api\nifty-desk-api.php:19
action · nifty_desk_settings_tabs · modules\api\nifty-desk-api.php:40
action · nifty_desk_settings_content · modules\api\nifty-desk-api.php:50
action · nifty_desk_api_below_table_hook · modules\api\nifty-desk-api.php:178
action · nifty_desk_autoassign_output_html · modules\autoassign.php:7
action · nifty_desk_channels_output_html · modules\channels.php:13
filter · nifty_desk_email_body_build · modules\email.php:3
filter · nifty_desk_email_login_filter · modules\email.php:27
filter · nifty_desk_email_content_filter · modules\email.php:43
filter · nifty_desk_ticket_internal_tags · modules\email.php:78
action · add_meta_boxes · modules\metaboxes.php:19
action · save_post · modules\metaboxes.php:111
action · add_meta_boxes · modules\metaboxes.php:135
action · add_meta_boxes · modules\metaboxes.php:284
action · add_meta_boxes · modules\metaboxes.php:393
action · add_meta_boxes · modules\metaboxes.php:395
action · save_post · modules\metaboxes.php:535
action · save_post · modules\metaboxes.php:537
action · wp_dashboard_setup · modules\reporting.php:8
action · nifty_desk_admin_menu_above · modules\reporting.php:36
action · nifty_desk_reporting_page_grid_area_hook · modules\reporting.php:188
action · nifty_desk_view_control · modules\views.php:5
filter · nifty_desk_response_after_author_name · modules\views.php:1656
filter · nifty_desk_author_meta_top · modules\widgets.php:4
action · admin_print_scripts · modules\widgets.php:25
action · init · nifty-desk.php:60
action · admin_menu · nifty-desk.php:61
action · admin_head · nifty-desk.php:64
action · admin_head · nifty-desk.php:66
action · init · nifty-desk.php:70
action · init · nifty-desk.php:72
action · admin_head · nifty-desk.php:75
action · init · nifty-desk.php:190
action · init · nifty-desk.php:191
action · init · nifty-desk.php:192
filter · add_menu_classes · nifty-desk.php:200
action · admin_print_scripts · nifty-desk.php:504
action · wp_enqueue_scripts · nifty-desk.php:590
action · nifty_desk_modern_tickets_left_column_after_wrapper · nifty-desk.php:1010
filter · the_content · nifty-desk.php:1533
filter · next_post_link · nifty-desk.php:1536
filter · previous_post_link · nifty-desk.php:1537
filter · manage_nifty_desk_tickets_posts_columns · nifty-desk.php:2030
action · manage_nifty_desk_tickets_posts_custom_column · nifty-desk.php:2032
filter · views_edit-nifty_desk_tickets · nifty-desk.php:2421
action · load-edit.php · nifty-desk.php:2446
filter · posts_where · nifty-desk.php:2456
filter · pre_get_posts · nifty-desk.php:2579
action · restrict_manage_posts · nifty-desk.php:2695
action · restrict_manage_posts · nifty-desk.php:2696
action · restrict_manage_posts · nifty-desk.php:2697
filter · pre_get_posts · nifty-desk.php:2816
filter · wp_mail_smtp_custom_options · nifty-desk.php:3272
filter · nifty_desk_wrap_body_in_html · nifty-desk.php:3436
filter · wp_mail_content_type · nifty-desk.php:3490
filter · admin_body_class · nifty-desk.php:3545
action · nifty_desk_text_response_after · nifty-desk.php:3733
filter · nifty_desk_current_agent_meta · nifty-desk.php:3758
action · nifty_desk_modern_tickets_left_column_before · nifty-desk.php:3828
filter · nifty_desk_get_merged_id · nifty-desk.php:4031
action · admin_notices · nifty-desk.php:4144
action · nifty_desk_settings_tabs · templates\templates.php:3
action · nifty_desk_settings_content · templates\templates.php:15
filter · nifty_desk_save_settings_hook · templates\templates.php:119
filter · template_include · templates\templates.php:133
action · edit_form_top · templates\templates.php:500
action · nifty_desk_template_page_edit_checker_array_hook · templates\templates.php:530
Maintenance & Trust

Nifty Desk – Ultimate Support Desk Plugin Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.7.33
Last updated: Feb 19, 2017
PHP min version
Downloads: 3K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 10
Developer Profile

Nifty Desk – Ultimate Support Desk Plugin Developer Profile

NickDuncan

5 plugins · 490 total installs

Trust score: 81
Avg Security Score: 81/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Nifty Desk – Ultimate Support Desk Plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/nifty-desk/css/style.css
/wp-content/plugins/nifty-desk/js/nifty-desk-public.js
/wp-content/plugins/nifty-desk/js/nifty-desk-admin.js
Script Paths
/wp-content/plugins/nifty-desk/js/nifty-desk-public.js
/wp-content/plugins/nifty-desk/js/nifty-desk-admin.js
Version Parameters
nifty-desk/css/style.css?ver=
nifty-desk/js/nifty-desk-public.js?ver=
nifty-desk/js/nifty-desk-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
nifty-desk-widget
HTML Comments
<!-- Nifty Desk Widget -->
<!-- Nifty Desk - Ultimate Support Desk Plugin -->
Data Attributes
data-nifty-desk-ajax-url
JS Globals
nifty_desk_ajax_object
REST Endpoints
/wp-json/nifty-desk/v1/ticket
Shortcode Output
[nifty_desk_submit_ticket]