Lucene search
K

26 matches found

RedhatCVE
RedhatCVE
added 2026/05/12 2:27 a.m.11 views

CVE-2026-32834

Easy PayPal Events & Tickets plugin for WordPress before version 1.4 contains a hardcoded authentication bypass vulnerability in the QR code scanning functionality that allows unauthenticated remote attackers to bypass hash verification by supplying 'test' as the hash parameter. Attackers can...

8.7CVSS5.9AI score0.00448EPSS
Exploits0References1
CVE
CVE
added 2026/05/04 5:40 p.m.15 views

CVE-2026-41471

The CVE concerns the Easy PayPal Events & Tickets WordPress plugin (version 1.3 and earlier). A vulnerability in the QR code scanning endpoint (scan_qr.php) allows unauthenticated attackers to enumerate and retrieve all customer order records by iterating sequential WordPress post IDs, exposing s...

8.2CVSS5.8AI score0.00349EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/04 5:40 p.m.4 views

CVE-2026-41471

The Easy PayPal Events & Tickets plugin for WordPress before version 1.4 contains an information disclosure vulnerability in the QR code scanning endpoint that allows unauthenticated attackers to enumerate and retrieve all customer order records. Attackers can iterate over sequential WordPress po...

8.2CVSS5.6AI score0.00349EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/04 5:40 p.m.12 views

EUVD-2026-27050

Easy PayPal Events & Tickets plugin for WordPress versions 1.3 and earlier contain an information disclosure vulnerability in the QR code scanning endpoint that allows unauthenticated attackers to enumerate and retrieve all customer order records. Attackers can iterate over sequential WordPress...

8.2CVSS5.8AI score0.00349EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/04 5:39 p.m.8 views

EUVD-2026-27045

Easy PayPal Events & Tickets plugin for WordPress version 1.3 and earlier contain a hardcoded authentication bypass vulnerability in the QR code scanning functionality that allows unauthenticated remote attackers to bypass hash verification by supplying 'test' as the hash parameter. Attackers can...

8.7CVSS5.9AI score0.00448EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/04 5:39 p.m.4 views

CVE-2026-32834 Easy PayPal Events & Tickets < 1.4 Authentication Bypass via QR Code Scanning

Easy PayPal Events & Tickets plugin for WordPress before version 1.4 contains a hardcoded authentication bypass vulnerability in the QR code scanning functionality that allows unauthenticated remote attackers to bypass hash verification by supplying 'test' as the hash parameter. Attackers can...

8.7CVSS5.9AI score0.00448EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.9 views

WordPress plugin Easy PayPal Events & Tickets 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.2CVSS5.9AI score0.00349EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.8 views

WordPress plugin Easy PayPal Events & Tickets 信任管理问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.7CVSS5.9AI score0.00448EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-49207

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00218EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-13808

Malicious code in bioql PyPI...

4.3CVSS6.2AI score0.0014EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:18 a.m.12 views

CVE-2024-8476

The Easy PayPal Events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. This is due to missing or incorrect nonce validation on the wpeeventpluginbuttons function. This makes it possible for unauthenticated attackers to delete arbitrary...

4.3CVSS6.6AI score0.00218EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/09 3:26 p.m.4 views

CVE-2025-47519

Cross-Site Request Forgery CSRF vulnerability in Scott Paterson Easy PayPal Events easy-paypal-events-tickets allows Cross Site Request Forgery.This issue affects Easy PayPal Events: from n/a through = 1.2.2...

4.3CVSS7.2AI score0.0014EPSS
Exploits0References1
NVD
NVD
added 2025/05/07 3:16 p.m.6 views

CVE-2025-47519

Cross-Site Request Forgery CSRF vulnerability in Scott Paterson Easy PayPal Events easy-paypal-events-tickets allows Cross Site Request Forgery.This issue affects Easy PayPal Events: from n/a through = 1.2.2...

4.3CVSS0.0014EPSS
Exploits0References1
CVE
CVE
added 2025/05/07 2:20 p.m.37 views

CVE-2025-47519

CVE-2025-47519 is a CSRF vulnerability in WordPress plugin WordPress Easy PayPal Events (versions

4.3CVSS7.2AI score0.0014EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/07 2:20 p.m.16 views

CVE-2025-47519 WordPress Easy PayPal Events plugin <= 1.2.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Scott Paterson Easy PayPal Events easy-paypal-events-tickets allows Cross Site Request Forgery.This issue affects Easy PayPal Events: from n/a through = 1.2.2...

4.3CVSS0.0014EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/07 2:20 p.m.5 views

CVE-2025-47519 WordPress Easy PayPal Events plugin <= 1.2.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Scott Paterson Easy PayPal Events easy-paypal-events-tickets allows Cross Site Request Forgery.This issue affects Easy PayPal Events: from n/a through = 1.2.2...

4.3CVSS7.2AI score0.0014EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/05/07 12:37 p.m.5 views

WordPress Easy PayPal Events plugin <= 1.2.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin Easy PayPal Events versions = 1.2.2...

4.3CVSS8AI score0.0014EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/05/07 12:0 a.m.1 views

WordPress plugin Easy PayPal Events 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...

4.3CVSS6AI score0.0014EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.5 views

PT-2025-20141 · Unknown · Scott Paterson Easy Paypal Events

Name of the Vulnerable Software and Affected Versions: Scott Paterson Easy PayPal Events versions 1.2.2 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. Recommendations: For version...

4.3CVSS5.5AI score0.0014EPSS
Exploits0References3
NVD
NVD
added 2024/09/25 3:15 a.m.13 views

CVE-2024-8476

The Easy PayPal Events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. This is due to missing or incorrect nonce validation on the wpeeventpluginbuttons function. This makes it possible for unauthenticated attackers to delete arbitrary...

4.3CVSS0.00218EPSS
Exploits0References4
Rows per page
Query Builder