3 matches found
CVE-2025-1402
The Event Tickets and Registration plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'ajaxticketdelete' function in all versions up to, and including, 5.19.1.1. This makes it possible for authenticated attackers, with Contributor-level access...
CVE-2025-1402 Event Tickets and Registration <= 5.19.1.1 - Missing Authorization to Ticket Deletion
The Event Tickets and Registration plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'ajaxticketdelete' function in all versions up to, and including, 5.19.1.1. This makes it possible for authenticated attackers, with Contributor-level access...
PT-2025-7501 · WordPress · Event Tickets/Registration
Name of the Vulnerable Software and Affected Versions: Event Tickets and Registration plugin for WordPress versions up to, and including, 5.19.1.1 Description: The issue is related to a missing capability check on the ajax ticket delete function, allowing authenticated attackers with...