@peopleinside - I saw your post about that in the phpjunkyard forums. :)
I had a successful hesk/wordpress integration for several months. But after I upgraded to WP 3.7, it broke the integration. Every time I attempted to login using a single session, I would get kicked back out to the login page with the session expired message. If I logged in using the the "remember my login' option, I could stay logged in, but then I couldn't use any of the admin functions without an 'invalid action' message. Why? The session token was broken. The active token and the $_SESSION['token'] were never the same. Something in WP 3.7 broke it. For a successful integration, the wp-load.php was required for each page that displayed content. Whatever they changed in the session handling for 3.7, HESK does not like. I'm going to post about it and see if I can make it work again, but I'm not hopeful, and I absolutely despise the iFrame hack to load the hesk page within a WP page. It's ugly.