WordPress plugin My Tickets 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress My Tickets plugin <= 2.1.1 - Bypass Vulnerability vulnerability

Bypass Vulnerability vulnerability discovered by Tarcísio LuchesiPoystick in WordPress Plugin My Tickets versions = 2.1.1...

CVE-2026-27406 WordPress My Tickets plugin <= 2.1.0 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Joe Dolson My Tickets my-tickets allows Retrieve Embedded Sensitive Data.This issue affects My Tickets: from n/a through = 2.1.0...

WordPress My Tickets plugin <= 2.1.0 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by daroo in WordPress Plugin My Tickets versions = 2.1.0...

CVE-2025-64257 WordPress My Tickets plugin <= 2.1.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Joe Dolson My Tickets my-tickets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Tickets: from n/a through = 2.1.0...

EUVD-2022-50202

Malicious code in bioql PyPI...

EUVD-2025-12137

Malicious code in bioql PyPI...

WordPress My Tickets Plugin <= 2.0.22 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin My Tickets versions = 2.0.22...

CVE-2025-58988 WordPress My Tickets Plugin <= 2.0.22 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Joe Dolson My Tickets allows Stored XSS. This issue affects My Tickets: from n/a through 2.0.22...

CVE-2025-58988

CVE-2025-58988 affects the WordPress My Tickets plugin (versions up to 2.0.22). Root cause: improper input neutralization during web page generation, enabling stored XSS. Impact: stored Cross‑Site Scripting as described in multiple sources. Remediation: upgrade to a version later than 2.0.22 (pat...

CVE-2022-47440

Cross-Site Request Forgery CSRF vulnerability in Joseph C Dolson My Tickets plugin = 1.9.10 versions...

CVE-2025-3761

The My Tickets – Accessible Event Ticketing plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.0.16. This is due to the mtsaveprofile function not appropriately restricting access to unauthorized users to update roles. This makes it possible for...

CVE-2025-3761

The CVE CVE-2025-3761 affects the WordPress plugin My Tickets – Accessible Event Ticketing, versions up to and including 2.0.16. The root cause is the mt_save_profile() function failing to restrict access, enabling authenticated attackers with Subscriber-level access or higher to elevate to Admin...

CVE-2023-23988 WordPress My Tickets plugin <= 1.9.11 - Payment Bypass Vulnerability

Missing Authorization vulnerability in Joseph C Dolson My Tickets.This issue affects My Tickets: from n/a through 1.9.11...

CVE-2023-23988 WordPress My Tickets plugin <= 1.9.11 - Payment Bypass Vulnerability

Missing Authorization vulnerability in Joseph C Dolson My Tickets.This issue affects My Tickets: from n/a through 1.9.11...

CVE-2022-47440

Cross-Site Request Forgery CSRF vulnerability in Joseph C Dolson My Tickets plugin = 1.9.10 versions...

CVE-2022-47440

Cross-Site Request Forgery CSRF vulnerability in Joseph C Dolson My Tickets plugin = 1.9.10 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Joseph C Dolson My Tickets plugin = 1.9.10 versions...

CVE-2022-47440

CVE-2022-47440 is a CSRF vulnerability affecting WordPress My Tickets plugin versions ≤ 1.9.10. The issue stems from missing CSRF protection, enabling unauthorized actions via CSRF (e.g., bulk emailing) as described in connected entries. Mitigation: upgrade to version &gt; 1.9.10 (fixed in 1.9.11...

CVE-2022-47440 WordPress My Tickets Plugin <= 1.9.10 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Joseph C Dolson My Tickets plugin = 1.9.10 versions...