CVE-2026-41471

The CVE concerns the Easy PayPal Events & Tickets WordPress plugin (version 1.3 and earlier). A vulnerability in the QR code scanning endpoint (scan_qr.php) allows unauthenticated attackers to enumerate and retrieve all customer order records by iterating sequential WordPress post IDs, exposing s...

WordPress plugin Easy PayPal Events & Tickets 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

EUVD-2025-13808

Malicious code in bioql PyPI...

EUVD-2024-49207

Malicious code in bioql PyPI...

CVE-2024-8476

The Easy PayPal Events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. This is due to missing or incorrect nonce validation on the wpeeventpluginbuttons function. This makes it possible for unauthenticated attackers to delete arbitrary...

CVE-2025-47519

Cross-Site Request Forgery CSRF vulnerability in Scott Paterson Easy PayPal Events easy-paypal-events-tickets allows Cross Site Request Forgery.This issue affects Easy PayPal Events: from n/a through = 1.2.2...

CVE-2025-47519

Cross-Site Request Forgery CSRF vulnerability in Scott Paterson Easy PayPal Events easy-paypal-events-tickets allows Cross Site Request Forgery.This issue affects Easy PayPal Events: from n/a through = 1.2.2...

CVE-2025-47519 WordPress Easy PayPal Events plugin <= 1.2.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Scott Paterson Easy PayPal Events easy-paypal-events-tickets allows Cross Site Request Forgery.This issue affects Easy PayPal Events: from n/a through = 1.2.2...

CVE-2025-47519

CVE-2025-47519 is a CSRF vulnerability in WordPress plugin WordPress Easy PayPal Events (versions

CVE-2025-47519 WordPress Easy PayPal Events plugin <= 1.2.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Scott Paterson Easy PayPal Events easy-paypal-events-tickets allows Cross Site Request Forgery.This issue affects Easy PayPal Events: from n/a through = 1.2.2...

WordPress Easy PayPal Events plugin <= 1.2.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin Easy PayPal Events versions = 1.2.2...

WordPress plugin Easy PayPal Events 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...

PT-2025-20141 · Unknown · Scott Paterson Easy Paypal Events

Name of the Vulnerable Software and Affected Versions: Scott Paterson Easy PayPal Events versions 1.2.2 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. Recommendations: For version...

CVE-2024-8476

CVE-2024-8476 affects the Easy PayPal Events plugin for WordPress (versions

WordPress plugin Easy PayPal Events 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

WordPress Easy PayPal Events plugin <= 1.2.1 - Cross-Site Request Forgery to Arbitrary Post Deletion vulnerability

Cross-Site Request Forgery to Arbitrary Post Deletion vulnerability discovered by Krzysztof Zając in WordPress Plugin Easy PayPal Events versions = 1.2.1...

PT-2024-39042 · WordPress · Easy Paypal Events

Name of the Vulnerable Software and Affected Versions: Easy PayPal Events plugin for WordPress versions up to, and including, 1.2.1 Description: The issue is due to missing or incorrect nonce validation on the wpeevent plugin buttons function, making it possible for unauthenticated attackers to...

WordPress Easy PayPal Events Plugin <= 1.2.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Easy PayPal Events Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-8476 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 61a92fe21d38 Credits Krzysztof Zając...