WP-Safety

Support Genix – Helpdesk, AI Chatbot, Knowledge Base & Customer Support Ticketing System Security & Risk Analysis

wordpress.org/plugins/support-genix-lite

Manage customer support with a powerful helpdesk & support ticket system — track customer tickets, resolve, and streamline your support workflow.

1K active installs v1.4.43 PHP 7.2+ WP 5.0+ Updated Mar 15, 2026
ai-chatbotcustomer-supporthelpdeskknowledge-basesupport-ticket
97
A · Safe
CVEs total3
Unpatched0
Last CVESep 3, 2025
Plugin page Download
Safety Verdict

Is Support Genix – Helpdesk, AI Chatbot, Knowledge Base & Customer Support Ticketing System Safe to Use in 2026?

Generally Safe

Score 97/100

Support Genix – Helpdesk, AI Chatbot, Knowledge Base & Customer Support Ticketing System has a strong security track record. Known vulnerabilities have been patched promptly.

3 known CVEsLast CVE: Sep 3, 2025Updated 19d ago
Risk Assessment

The "support-genix-lite" v1.4.43 plugin presents a mixed security posture. While it demonstrates a relatively good level of output escaping and a substantial number of capability checks, there are significant concerns regarding its attack surface. A notable portion of its AJAX handlers (8 out of 14) lack authentication checks, creating potential entry points for unauthorized actions.

The static analysis also reveals the presence of the dangerous `unserialize` function, which can lead to critical vulnerabilities if not handled with extreme care, especially when dealing with user-supplied data. Although no critical or high-severity taint flows were identified, the existence of flows with unsanitized paths warrants attention, as these could be leveraged in conjunction with other weaknesses. The vulnerability history, while showing no currently unpatched CVEs, indicates a pattern of medium-severity issues, specifically related to missing authorization and authorization bypass, suggesting recurring problems in access control implementation.

In conclusion, the plugin has strengths in output sanitization and authorization checks in some areas. However, the unprotected AJAX endpoints and the use of `unserialize` are significant weaknesses. The past medium vulnerabilities reinforce the need for rigorous security auditing, particularly around authorization logic and data handling.

Key Concerns

  • Unprotected AJAX handlers
  • Use of dangerous function: unserialize
  • Flows with unsanitized paths
  • Past medium severity vulnerabilities (3 total)
Vulnerabilities
3

Support Genix – Helpdesk, AI Chatbot, Knowledge Base & Customer Support Ticketing System Security Vulnerabilities

CVEs by Year

1 CVE in 2024
2024
2 CVEs in 2025
2025
Patched Has unpatched

Severity Breakdown

Medium
3

3 total CVEs

CVE-2025-58635medium · 5.3Missing Authorization

Support Genix <= 1.4.23 - Missing Authorization

Sep 3, 2025 Patched in 1.4.24 (7d)
CVE-2025-30777medium · 5.4Authorization Bypass Through User-Controlled Key

Support Genix <= 1.4.11 - Authenticated (Subscriber+) Insecure Direct Object Reference

Mar 27, 2025 Patched in 1.4.12 (8d)
CVE-2023-49742medium · 5.3Missing Authorization

Support Genix <= 1.2.3 - Missing Authorization

Apr 16, 2024 Patched in 1.2.4 (10d)
Code Analysis
Analyzed Mar 16, 2026

Support Genix – Helpdesk, AI Chatbot, Knowledge Base & Customer Support Ticketing System Code Analysis

Dangerous Functions
5
Raw SQL Queries
108
189 prepared
Unescaped Output
352
1557 escaped
Nonce Checks
15
Capability Checks
67
File Operations
14
External Requests
24
Bundled Libraries
0

Dangerous Functions Found

unserialize$new_option_value = is_serialized($option_value) ? unserialize($option_value) : $option_value;modules\Apbd_wps_settings.php:788
unserialize$maybe_unserialized = @unserialize($inner_value);modules\Apbd_wps_settings.php:3356
unserialize$maybe_unserialized = @unserialize($first_value);modules\Apbd_wps_settings.php:3418
unserialize$wc_data = (is_serialized($wc_data) ? unserialize($wc_data) : array());modules\Apbd_wps_woocommerce.php:544
unserialize$wc_data = (is_serialized($wc_data) ? unserialize($wc_data) : array());modules\Apbd_wps_woocommerce.php:714

SQL Query Safety

64% prepared297 total queries

Output Escaping

82% escaped1909 total outputs
Data Flows
3 unsanitized

Data Flow Analysis

5 flows3 with unsanitized paths
<base_helper> (core\base_helper.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
8 unprotected

Support Genix – Helpdesk, AI Chatbot, Knowledge Base & Customer Support Ticketing System Attack Surface

Entry Points17
Unprotected8

AJAX Handlers 14

authwp_ajax_sgenix_deactivation_feedbackappcore\ApbdWps_DeactiveFeedback.php:37
authwp_ajax_support_genix_lite_diagnostic_dataappcore\ApbdWps_DiagnosticData.php:101
authwp_ajax_dismiss_support_genix_promoappcore\ApbdWps_Promo.php:70
authwp_ajax_apbd_wps_license_infocore\helper.php:131
authwp_ajax_sgkb_article_feedbackmodules\Apbd_wps_knowledge_base.php:76
noprivwp_ajax_sgkb_article_feedbackmodules\Apbd_wps_knowledge_base.php:77
authwp_ajax_sgkb_reactiontraits\Apbd_wps_knowledge_base_analytics_trait.php:19
noprivwp_ajax_sgkb_reactiontraits\Apbd_wps_knowledge_base_analytics_trait.php:20
authwp_ajax_sgkb_searchtraits\Apbd_wps_knowledge_base_searches_trait.php:20
noprivwp_ajax_sgkb_searchtraits\Apbd_wps_knowledge_base_searches_trait.php:21
authwp_ajax_sgkb_track_popular_searchtraits\Apbd_wps_knowledge_base_searches_trait.php:24
noprivwp_ajax_sgkb_track_popular_searchtraits\Apbd_wps_knowledge_base_searches_trait.php:25
authwp_ajax_sgkb_get_popular_searchestraits\Apbd_wps_knowledge_base_searches_trait.php:28
noprivwp_ajax_sgkb_get_popular_searchestraits\Apbd_wps_knowledge_base_searches_trait.php:29

Shortcodes 3

[supportgenix] modules\Apbd_wps_settings.php:105
[sgkb_archive_docs] traits\Apbd_wps_knowledge_base_shortcode_trait.php:13
[sgkb_single_docs] traits\Apbd_wps_knowledge_base_shortcode_trait.php:14
WordPress Hooks 170
actionadmin_footerappcore\ApbdWps_DeactiveFeedback.php:36
actionadmin_noticesappcore\ApbdWps_DiagnosticData.php:97
actionadmin_enqueue_scriptsappcore\ApbdWps_OfferLite.php:74
actionadmin_initappcore\ApbdWps_OfferLite.php:75
actionadmin_print_scriptsappcore\ApbdWps_OfferLite.php:365
actionadmin_print_footer_scriptsappcore\ApbdWps_OfferLite.php:366
actionadmin_noticesappcore\ApbdWps_OfferLite.php:370
actionadmin_noticesappcore\ApbdWps_OfferLite.php:375
actionadmin_footerappcore\ApbdWps_OfferLite.php:379
actionadmin_footerappcore\ApbdWps_OfferLite.php:380
actionadmin_noticesappcore\ApbdWps_Promo.php:58
actionadmin_noticesappcore\ApbdWps_Promo.php:69
actionadmin_enqueue_scriptsappcore\ApbdWps_Promo.php:71
actionadmin_footerappcore\ApbdWps_Promo.php:89
actionadmin_headappcore\ApbdWps_Promo.php:90
actionsend_headersappcore\ApbdWps_SupportLite.php:101
actionrest_api_initappcore\ApbdWps_SupportLite.php:103
filterscript_loader_tagappcore\ApbdWps_SupportLite.php:233
filterapbd-wps/multi-languagecore\ApbdWpsBaseModuleLite.php:66
actionadmin_headcore\ApbdWpsKarnelLite.php:982
actionall_admin_noticescore\ApbdWpsKarnelLite.php:1034
filtersafe_style_csscore\helper.php:85
filterplugin_row_metacore\secondary_helper.php:809
actioninitcore\secondary_helper.php:810
actionwp_enqueue_scriptscore\secondary_helper.php:812
actionwp_headcore\secondary_helper.php:813
actionadmin_enqueue_scriptscore\secondary_helper.php:815
actionadmin_print_stylescore\secondary_helper.php:816
actionadmin_print_scriptscore\secondary_helper.php:817
actionwp_enqueue_scriptscore\secondary_helper.php:818
actionwp_print_stylescore\secondary_helper.php:819
actionadmin_menucore\secondary_helper.php:820
actionadmin_headcore\secondary_helper.php:821
actionadmin_noticescore\secondary_helper.php:822
actioninitcore\secondary_helper.php:824
actionadmin_enqueue_scriptscore\secondary_helper.php:826
actionwp_enqueue_scriptscore\secondary_helper.php:829
actionadmin_menucore\secondary_helper.php:832
actionadmin_menucore\secondary_helper.php:834
actionadmin_menucore\secondary_helper.php:837
actionadmin_menucore\secondary_helper.php:839
actionadmin_initcore\secondary_helper.php:843
actioncurrent_screencore\secondary_helper.php:844
actionadmin_noticescore\secondary_helper.php:846
actionall_admin_noticescore\secondary_helper.php:847
actionadmin_initcore\secondary_helper.php:849
filteradmin_footer_textcore\secondary_helper.php:850
filterupdate_footercore\secondary_helper.php:860
actionadmin_initcore\secondary_helper.php:871
filterwoocommerce_prevent_admin_accesscore\secondary_helper.php:872
filterwoocommerce_disable_admin_barcore\secondary_helper.php:876
filterapbd-wps/filter/before-custom-getmodules\Apbd_wps_envato_system.php:22
filterapbd-wps/filter/custom-additional-fieldsmodules\Apbd_wps_envato_system.php:23
filterapbd-wps/filter/ticket-custom-field-validmodules\Apbd_wps_envato_system.php:25
actionapbd-wps/action/ticket-createdmodules\Apbd_wps_envato_system.php:26
filterapbd-wps/filter/custom-field-validatemodules\Apbd_wps_envato_system.php:28
filterapbd-wps/filter/incoming-webhook-custom-field-validmodules\Apbd_wps_envato_system.php:29
filterapbd-wps/filter/ht-contact-form-custom-field-validmodules\Apbd_wps_envato_system.php:30
actionapbd-wps/action/ticket-custom-field-updatemodules\Apbd_wps_envato_system.php:31
filterapbd-wps/filter/ticket-details-custom-propertiesmodules\Apbd_wps_envato_system.php:32
actiontemplate_redirectmodules\Apbd_wps_knowledge_base.php:100
actiontemplate_redirectmodules\Apbd_wps_knowledge_base.php:101
actionpre_get_postsmodules\Apbd_wps_knowledge_base.php:102
filterbody_classmodules\Apbd_wps_knowledge_base.php:104
filterstackable_frontend_cssmodules\Apbd_wps_knowledge_base.php:105
actionrestrict_manage_postsmodules\Apbd_wps_knowledge_base.php:108
filterposts_joinmodules\Apbd_wps_knowledge_base.php:680
filterposts_fieldsmodules\Apbd_wps_knowledge_base.php:681
filterposts_groupbymodules\Apbd_wps_knowledge_base.php:682
filtertemplate_includemodules\Apbd_wps_knowledge_base.php:684
filterpost_type_linkmodules\Apbd_wps_knowledge_base.php:685
actiontransition_post_statusmodules\Apbd_wps_knowledge_base.php:687
actionnew_to_auto-draftmodules\Apbd_wps_knowledge_base.php:688
actionwp_after_insert_postmodules\Apbd_wps_knowledge_base.php:691
actionsgkb_after_insert_postmodules\Apbd_wps_knowledge_base.php:692
actionrest_after_insert_sgkb-docsmodules\Apbd_wps_knowledge_base.php:693
actionbefore_delete_postmodules\Apbd_wps_knowledge_base.php:694
actioncreated_sgkb-docs-categorymodules\Apbd_wps_knowledge_base.php:696
actionpre_delete_termmodules\Apbd_wps_knowledge_base.php:697
filterposts_joinmodules\Apbd_wps_knowledge_base.php:1775
filterposts_fieldsmodules\Apbd_wps_knowledge_base.php:1776
filterposts_groupbymodules\Apbd_wps_knowledge_base.php:1777
filterposts_joinmodules\Apbd_wps_knowledge_base.php:1895
filterposts_fieldsmodules\Apbd_wps_knowledge_base.php:1896
filterposts_groupbymodules\Apbd_wps_knowledge_base.php:1897
filterposts_joinmodules\Apbd_wps_knowledge_base.php:1978
filterposts_fieldsmodules\Apbd_wps_knowledge_base.php:1979
filterposts_groupbymodules\Apbd_wps_knowledge_base.php:1980
actionsupport_genix_scheduled_five_minutes_tasksmodules\Apbd_wps_report_email.php:19
actionapbd-wps/action/role-addedmodules\Apbd_wps_role.php:29
actionapbd-wps/action/role-updatedmodules\Apbd_wps_role.php:30
actionapbd-wps/action/role-deletedmodules\Apbd_wps_role.php:31
actionapbd-wps/action/add-role-accessmodules\Apbd_wps_role.php:33
filtereditable_rolesmodules\Apbd_wps_role.php:39
filteruser_has_capmodules\Apbd_wps_role.php:40
filterapbd-wps/filter/ticket-read-attached-filesmodules\Apbd_wps_settings.php:60
filterapbd-wps/filter/reply-read-attached-filesmodules\Apbd_wps_settings.php:61
filterapbd-wps/filter/ticket-custom-propertiesmodules\Apbd_wps_settings.php:62
filterapbd-wps/filter/user-custom-propertiesmodules\Apbd_wps_settings.php:63
actionapbd-wps/action/download-filemodules\Apbd_wps_settings.php:66
actionapbd-wps/action/ticket-createdmodules\Apbd_wps_settings.php:67
actionapbd-wps/action/user-createdmodules\Apbd_wps_settings.php:68
actionapbd-wps/action/user-updatedmodules\Apbd_wps_settings.php:69
actionapbd-wps/action/download-filemodules\Apbd_wps_settings.php:70
actionapbd-wps/action/ticket-custom-field-updatemodules\Apbd_wps_settings.php:71
actionapbd-wps/action/ticket-createdmodules\Apbd_wps_settings.php:73
actionapbd-wps/action/ticket-createdmodules\Apbd_wps_settings.php:74
actionapbd-wps/action/ticket-assignedmodules\Apbd_wps_settings.php:75
actionapbd-wps/action/ticket-repliedmodules\Apbd_wps_settings.php:76
actionapbd-wps/action/ticket-status-changemodules\Apbd_wps_settings.php:77
actionapbd-wps/action/ticket-status-changemodules\Apbd_wps_settings.php:78
actionapbd-wps/action/ticket-email-notification-changemodules\Apbd_wps_settings.php:79
actionwp_mail_failedmodules\Apbd_wps_settings.php:81
filterapbd-wps/filter/incoming-webhook-custom-field-validmodules\Apbd_wps_settings.php:83
filterapbd-wps/filter/ht-contact-form-custom-field-validmodules\Apbd_wps_settings.php:84
filterapbd-wps/filter/ticket-details-custom-propertiesmodules\Apbd_wps_settings.php:85
filterdisplay_post_statesmodules\Apbd_wps_settings.php:86
filterwp_kses_allowed_htmlmodules\Apbd_wps_settings.php:87
filterapbd-wps/filter/track-id-typemodules\Apbd_wps_settings.php:88
filterapbd-wps/filter/display-track-idmodules\Apbd_wps_settings.php:89
filterapbd-wps/filter/query-track-idmodules\Apbd_wps_settings.php:90
filterapbd-wps/filter/ref-track-idmodules\Apbd_wps_settings.php:91
actionapbd-wps/action/portal-headermodules\Apbd_wps_settings.php:92
actionapbd-wps/action/ticket-createdmodules\Apbd_wps_settings.php:94
actionshow_user_profilemodules\Apbd_wps_settings.php:98
actionedit_user_profilemodules\Apbd_wps_settings.php:99
actionpersonal_options_updatemodules\Apbd_wps_settings.php:100
actionedit_user_profile_updatemodules\Apbd_wps_settings.php:101
actiontemplate_redirectmodules\Apbd_wps_settings.php:103
actiontemplate_redirectmodules\Apbd_wps_settings.php:104
filterapbd-wps/filter/attached-filemodules\Apbd_wps_settings.php:526
actionapbd-wps/action/attach-filesmodules\Apbd_wps_settings.php:527
filterquery_varsmodules\Apbd_wps_settings.php:529
actionadmin_bar_menumodules\Apbd_wps_settings.php:530
actionuser_new_formmodules\Apbd_wps_users.php:38
actionshow_user_profilemodules\Apbd_wps_users.php:39
actionedit_user_profilemodules\Apbd_wps_users.php:40
actionuser_registermodules\Apbd_wps_users.php:41
actionprofile_updatemodules\Apbd_wps_users.php:42
filterapbd-wps/filter/before-custom-getmodules\Apbd_wps_woocommerce.php:29
filterapbd-wps/filter/custom-field-metadatamodules\Apbd_wps_woocommerce.php:30
filterapbd-wps/filter/ticket-details-custom-propertiesmodules\Apbd_wps_woocommerce.php:31
filterapbd-wps/filter/ticket-custom-field-validmodules\Apbd_wps_woocommerce.php:33
filterapbd-wps/filter/incoming-webhook-custom-field-validmodules\Apbd_wps_woocommerce.php:34
filterapbd-wps/filter/ht-contact-form-custom-field-validmodules\Apbd_wps_woocommerce.php:35
filterapbd-wps/filter/ticket-order-infomodules\Apbd_wps_woocommerce.php:37
filterapbd-wps/filter/ticket-order-statusesmodules\Apbd_wps_woocommerce.php:38
actionapbd-wps/action/ticket-createdmodules\Apbd_wps_woocommerce.php:40
actionapbd-wps/action/ticket-custom-field-updatemodules\Apbd_wps_woocommerce.php:41
actionwoocommerce_account_menu_itemsmodules\Apbd_wps_woocommerce.php:45
actionwoocommerce_get_endpoint_urlmodules\Apbd_wps_woocommerce.php:46
actiontemplate_redirecttraits\Apbd_wps_knowledge_base_analytics_trait.php:16
actionwp_headtraits\Apbd_wps_knowledge_base_analytics_trait.php:17
filterposts_jointraits\Apbd_wps_knowledge_base_analytics_trait.php:450
filterposts_fieldstraits\Apbd_wps_knowledge_base_analytics_trait.php:451
filterposts_orderbytraits\Apbd_wps_knowledge_base_analytics_trait.php:452
filterposts_groupbytraits\Apbd_wps_knowledge_base_analytics_trait.php:453
actionwp_footertraits\Apbd_wps_knowledge_base_chatbot_trait.php:23
filterposts_jointraits\Apbd_wps_knowledge_base_chatquery_trait.php:1739
filterposts_fieldstraits\Apbd_wps_knowledge_base_chatquery_trait.php:1740
filterposts_orderbytraits\Apbd_wps_knowledge_base_chatquery_trait.php:1741
filterposts_groupbytraits\Apbd_wps_knowledge_base_chatquery_trait.php:1742
filterwp_kses_allowed_htmltraits\Apbd_wps_knowledge_base_duplicator_trait.php:71
actionadd_meta_boxestraits\Apbd_wps_knowledge_base_metabox_trait.php:13
actionsave_post_sgkb-docstraits\Apbd_wps_knowledge_base_metabox_trait.php:14
actionpre_get_poststraits\Apbd_wps_knowledge_base_searches_trait.php:17
actionsgkb_docs_update_searches_datatraits\Apbd_wps_knowledge_base_searches_trait.php:18
actionadmin_footertraits\Apbd_wps_knowledge_base_writebot_trait.php:18
filterblock_categories_alltraits\Apbd_wps_settings_blocks_trait.php:13
actioninittraits\Apbd_wps_settings_blocks_trait.php:14
Maintenance & Trust

Support Genix – Helpdesk, AI Chatbot, Knowledge Base & Customer Support Ticketing System Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 15, 2026
PHP min version7.2
Downloads45K

Community Trust

Rating88/100
Number of ratings9
Active installs1K
Alternatives

Support Genix – Helpdesk, AI Chatbot, Knowledge Base & Customer Support Ticketing System Alternatives

Fluent Support – Helpdesk & Customer Support Ticket System

Fluent Support – Helpdesk & Customer Support Ticket System

fluent-support

A
89

Feature Rich and Super Fast Support and Customer Ticketing System for WordPress.

10K 7 CVEs
Freshdesk (official)

Freshdesk (official)

freshdesk-support

A
89

Quickly embed the Freshdesk help widget, convert WordPress comments to tickets and seamlessly log your WordPress users into your support portal.

900 3 CVEs
Customer Support Ticket System & Helpdesk Plugin for WordPress

Customer Support Ticket System & Helpdesk Plugin for WordPress

wp-ticket

A
91

Create a support ticket system in WordPress. Manage customer inquiries, agents, priorities, and more with this flexible helpdesk plugin.

500 7 CVEs
NexlifyDesk

NexlifyDesk

nexlifydesk

A
100

Enterprise-grade WordPress helpdesk solution with intelligent ticket management, email piping, agent workflows, and WooCommerce integration.

0 No CVEs
Reacho – Free Customer Support Plugin for WooCommerce

Reacho – Free Customer Support Plugin for WooCommerce

reacho-for-woocommerce

A
100

Boost WooCommerce engagement with Reacho's automation, help desk, and live chat. Manage all interactions in one place—no coding needed.

0 No CVEs
Developer Profile

Support Genix – Helpdesk, AI Chatbot, Knowledge Base & Customer Support Ticketing System Developer Profile

DevItems

13 plugins · 179K total installs

75
trust score
Avg Security Score
94/100
Avg Patch Time
93 days
View full developer profile
Detection Fingerprints

How We Detect Support Genix – Helpdesk, AI Chatbot, Knowledge Base & Customer Support Ticketing System

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/support-genix-lite/assets/css/support-genix-lite-admin.css/wp-content/plugins/support-genix-lite/assets/js/support-genix-lite-admin.js
Script Paths
wp-content/plugins/support-genix-lite/assets/js/support-genix-lite-admin.js
Version Parameters
support-genix-lite/assets/css/support-genix-lite-admin.css?ver=support-genix-lite/assets/js/support-genix-lite-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
support-genix-promo-bannerapbd-wps-support-lite-modal
HTML Comments
<!-- Admin Bar: Support Genix Link --><!-- Support Genix Lite Chatbot --><!-- Start: Support Genix Lite Cookie Consent --><!-- End: Support Genix Lite Cookie Consent -->+3 more
Data Attributes
data-notice="support_genix_promo_banner_christmas_2025"data-support-genix-nonce
JS Globals
apbdWpsLiteAdmin
REST Endpoints
/wp-json/support-genix-lite/v1/settings/wp-json/support-genix-lite/v1/tickets/wp-json/support-genix-lite/v1/knowledgebase/wp-json/support-genix-lite/v1/chatbot
Shortcode Output
[support_genix_chatbot][support_genix_ticket_form][support_genix_knowledgebase]
FAQ

Frequently Asked Questions about Support Genix – Helpdesk, AI Chatbot, Knowledge Base & Customer Support Ticketing System