CVE-2025-12356

The Tickera – Sell Tickets & Manage Events plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxchangeticketstatus' AJAX endpoint in all versions up to, and including, 3.5.6.4. This makes it possible for authenticated attackers,...

CVE-2025-12356 Tickera – WordPress Event Ticketing <= 3.5.6.4 - Missing Authorization to Authenticated (Subscriber+) Event/Post Status Update

The Tickera – Sell Tickets & Manage Events plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxchangeticketstatus' AJAX endpoint in all versions up to, and including, 3.5.6.4. This makes it possible for authenticated attackers,...

WordPress plugin Tickera – Sell Tickets & Manage Events 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

WordPress Tickera - WordPress Event Ticketing plugin <= 3.5.6.4 - Missing Authorization to Authenticated (Subscriber+) Event/Post Status Update vulnerability

WordPress Tickera - WordPress Event Ticketing plugin = 3.5.6.4 - Missing Authorization to Authenticated Subscriber+ Event/Post Status Update vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Tickera versions = 3.5.6.4...

CVE-2025-69355

Missing Authorization vulnerability in Tickera Tickera tickera-event-ticketing-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tickera: from n/a through = 3.5.6.4...

CVE-2025-69355

Missing Authorization vulnerability in Tickera Tickera tickera-event-ticketing-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tickera: from n/a through = 3.5.6.4...

CVE-2025-69355

CVE-2025-69355 concerns Tickera – Sell Tickets & Manage Events (WordPress plugin). Wordfence references WorDFence WORDFENCE: Tickera

CVE-2025-69355 WordPress Tickera plugin <= 3.5.6.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Tickera Tickera tickera-event-ticketing-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tickera: from n/a through = 3.5.6.4...

PT-2026-1483

Name of the Vulnerable Software and Affected Versions Tickera versions through 3.5.6.4 Description A missing authorization issue exists in Tickera tickera-event-ticketing-system, allowing exploitation of incorrectly configured access control security levels. Recommendations Update Tickera to a...