Design/Logic Flaw

2019-07-1812:15:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

21.6%

The CampTix Event Ticketing plugin before 1.5 for WordPress allows XSS in the admin section via a ticket title or body.

CPENameOperatorVersion
camptix_event_ticketinglt1.5.0

CPE	Name	Operator	Version
	camptix_event_ticketing	lt	1.5.0

References

hackerone.com/reports/152958

wordpress.org/plugins/camptix/