Does UVdesk Free Helpdesk have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is UVdesk Free Helpdesk compatible with WordPress 6.9.4?

According to WordPress.org data, UVdesk Free Helpdesk 2.1.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is UVdesk Free Helpdesk compatible with PHP 7.4+?

UVdesk Free Helpdesk requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is UVdesk Free Helpdesk updated?

UVdesk Free Helpdesk was last updated on Dec 24, 2025. Frequent updates are generally a positive security signal.

What is UVdesk Free Helpdesk's security score?

UVdesk Free Helpdesk has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

UVdesk Free Helpdesk Security & Risk Analysis

wordpress.org/plugins/uvdesk

Uvdesk is an omnichannel helpdesk designed to deliver swift and efficient customer support across multiple platforms.

10 active installs v2.1.2 PHP 7.4+ WP 6.7+ Updated Dec 24, 2025

helpdesksupport-ticketsuvdesk-helpuvdesk-helpdeskuvdesk-ticket

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is UVdesk Free Helpdesk Safe to Use in 2026?

Generally Safe

Score 100/100

UVdesk Free Helpdesk has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The uvdesk plugin v2.1.2 demonstrates a generally strong security posture, particularly in its handling of SQL queries and output escaping, which are 100% secure. The absence of known CVEs, critical taint flows, and dangerous functions is also a significant positive. However, a notable concern arises from the substantial attack surface presented by 14 unprotected AJAX handlers. While many plugins have AJAX endpoints, having a large number without authentication checks significantly increases the potential for unauthorized actions if these handlers can be triggered externally and processed without proper authorization validation. The plugin also includes 13 nonce checks and 2 capability checks, indicating some effort to secure endpoints, but the sheer number of unprotected AJAX handlers overshadows these positive aspects. The lack of historical vulnerabilities is encouraging, suggesting a diligent development team or a less targeted plugin, but the current code analysis reveals a clear area of risk that requires attention.

Key Concerns

14 unprotected AJAX handlers found
Large attack surface (14 unprotected entry points)

Vulnerabilities

None known

UVdesk Free Helpdesk Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

UVdesk Free Helpdesk Release Timeline

v2.1.2Current

v2.1.1

v2.1.0

Code Analysis

Analyzed Apr 16, 2026

UVdesk Free Helpdesk Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1063 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped1063 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

9 flows

wkuvdesk_customer_create_ticket (includes/front/class-wkuvdesk-front-function.php:258)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

14 unprotected

UVdesk Free Helpdesk Attack Surface

Entry Points19

Unprotected14

AJAX Handlers 14

noprivwp_ajax_change_ticket_agentincludes/common/class-wkuvdesk-common-hook.php:34

authwp_ajax_change_ticket_agentincludes/common/class-wkuvdesk-common-hook.php:35

noprivwp_ajax_change_ticket_priorityincludes/common/class-wkuvdesk-common-hook.php:36

authwp_ajax_change_ticket_priorityincludes/common/class-wkuvdesk-common-hook.php:37

noprivwp_ajax_sort_customer_ticket_via_statusincludes/common/class-wkuvdesk-common-hook.php:38

authwp_ajax_sort_customer_ticket_via_statusincludes/common/class-wkuvdesk-common-hook.php:39

noprivwp_ajax_sort_ticket_via_apiincludes/common/class-wkuvdesk-common-hook.php:40

authwp_ajax_sort_ticket_via_apiincludes/common/class-wkuvdesk-common-hook.php:41

noprivwp_ajax_get_thread_data_customerincludes/common/class-wkuvdesk-common-hook.php:42

authwp_ajax_get_thread_data_customerincludes/common/class-wkuvdesk-common-hook.php:43

noprivwp_ajax_delete_thread_via_apiincludes/common/class-wkuvdesk-common-hook.php:44

authwp_ajax_delete_thread_via_apiincludes/common/class-wkuvdesk-common-hook.php:45

noprivwp_ajax_toggle_the_starredincludes/common/class-wkuvdesk-common-hook.php:46

authwp_ajax_toggle_the_starredincludes/common/class-wkuvdesk-common-hook.php:47

Shortcodes 5

[uvdesk] includes/front/class-wkuvdesk-front-function.php:93

[uvdesk] templates/front/class-wkuvdesk-customer-create-ticket.php:33

[uvdesk] templates/front/class-wkuvdesk-customer-ticket-view.php:34

[uvdesk] templates/front/class-wkuvdesk-customer.php:34

[uvdesk] templates/front/class-wkuvdesk-register.php:33

WordPress Hooks 23

actionadmin_menuincludes/admin/class-wkuvdesk-admin-hook.php:33

actionadmin_initincludes/admin/class-wkuvdesk-admin-hook.php:34

actionadmin_enqueue_scriptsincludes/admin/class-wkuvdesk-admin-hook.php:35

filterplugin_row_metaincludes/admin/class-wkuvdesk-admin-hook.php:38

actioninitincludes/class-wkuvdesk-install.php:31

actioninitincludes/class-wkuvdesk.php:65

actionplugins_loadedincludes/class-wkuvdesk.php:66

actionwp_enqueue_scriptsincludes/common/class-wkuvdesk-common-hook.php:32

actionadmin_enqueue_scriptsincludes/common/class-wkuvdesk-common-hook.php:33

actionwp_logoutincludes/front/class-wkuvdesk-front-hook.php:32

actiontemplate_redirectincludes/front/class-wkuvdesk-front-hook.php:33

actiontemplate_redirectincludes/front/class-wkuvdesk-front-hook.php:34

actionwp_login_failedincludes/front/class-wkuvdesk-front-hook.php:35

actionadmin_menutemplates/admin/class-wkuvdesk-admin-ticket.php:66

filterset-screen-optiontemplates/admin/class-wkuvdesk-admin-ticket.php:67

actionadmin_noticestemplates/admin/class-wkuvdesk-admin-ticket.php:405

actionadmin_noticestemplates/admin/class-wkuvdesk-admin-ticket.php:414

actionadmin_noticestemplates/admin/class-wkuvdesk-admin-ticket.php:434

actionadmin_noticestemplates/admin/class-wkuvdesk-admin-ticket.php:443

actionadmin_noticestemplates/admin/class-wkuvdesk-admin-ticket.php:464

actionadmin_noticestemplates/admin/class-wkuvdesk-admin-ticket.php:473

filterrewrite_rules_arrayuvdesk.php:68

filterquery_varsuvdesk.php:90

Maintenance & Trust

UVdesk Free Helpdesk Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 24, 2025

PHP min version7.4

Downloads2K

Community Trust

Rating74/100

Number of ratings3

Active installs10

Alternatives

UVdesk Free Helpdesk Alternatives

Support Tickets v2

support-tickets-v2

With this plugin, you can manage a simple support ticket system on your WordPress site.

10 No CVEs

Fluent Support – Helpdesk & Customer Support Ticket System

fluent-support

Feature Rich and Super Fast Support and Customer Ticketing System for WordPress.

10K 7 CVEs

SupportCandy – Helpdesk & Customer Support Ticket System

supportcandy

Enhance your WordPress site with our helpdesk and support ticket system. Manage customer support, tickets, and email tickets efficiently.

10K 17 CVEs

JS Help Desk – AI-Powered Support & Ticketing System

js-support-ticket

Professional, beautiful, complete and powerful help desk & support system for WordPress.

8K 24 CVEs

Awesome Support – WordPress HelpDesk & Support Plugin

awesome-support

The most versatile and feature-rich help desk and support plugin for WordPress. Provide awesome support directly from your WordPress site.

7K 26 CVEs

Developer Profile

UVdesk Free Helpdesk Developer Profile

Webkul

2 plugins · 20 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect UVdesk Free Helpdesk

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/uvdesk/includes/admin/class-wkuvdesk-admin-function.php/wp-content/plugins/uvdesk/includes/class-wkuvdesk-autoload.php/wp-content/plugins/uvdesk/includes/class-wkuvdesk.php/wp-content/plugins/uvdesk/includes/admin/class-wkuvdesk-manage-ticket.php/wp-content/plugins/uvdesk/includes/admin/class-wkuvdesk-admin-ticket.php/wp-content/plugins/uvdesk/vendor/autoload.php/wp-content/plugins/uvdesk/templates/admin/admin-ticket.php/wp-content/plugins/uvdesk/templates/admin/manage-ticket.php+2 more

Script Paths

/wp-content/plugins/uvdesk/assets/js/frontend/uvdesk-frontend.js

Version Parameters

uvdesk/assets/css/uvdesk-style.css?ver=uvdesk/assets/js/frontend/uvdesk-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

wk-areawkbc-wrap

Data Attributes

wk-areawebkul-extensions

FAQ