CVE-2023-23726 WordPress Tickera plugin <= 3.5.1.0 - CSRF Leading To Post Status Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in Tickera Tickera tickera-event-ticketing-system allows Cross Site Request Forgery.This issue affects Tickera: from n/a through = 3.5.1.0...

CVE-2023-23726 WordPress Tickera – WordPress Event Ticketing plugin <= 3.5.1.0 - CSRF Leading To Post Status Change Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Tickera.com Tickera allows Cross Site Request Forgery.This issue affects Tickera: from n/a through 3.5.1.0...

CVE-2023-23726

CVE-2023-23726 affects Tickera WordPress Tickera plugin versions up to 3.5.1.0. The vulnerability is a Cross-Site Request Forgery (CSRF) flaw that enables unauthorized post-status changes. Root cause: CSRF in the plugin enables an attacker to induce a user to perform a state-changing action on Ti...

PT-2023-14680 · WordPress · Tickera

Name of the Vulnerable Software and Affected Versions: Tickera WordPress plugin versions prior to 3.5.1.0 Description: The issue concerns a lack of CSRF check when updating settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. This could potentially lead t...