3 matches found
CVE-2024-2261
The Event Tickets and Registration plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.8.2 via the RSVP functionality. This makes it possible for authenticated attackers, with contributor access and above, to extract sensitive data includin...
CVE-2024-2261 Event Tickets and Registration <= 5.8.2 - Improper Authorization to Information Disclosure
The Event Tickets and Registration plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.8.2 via the RSVP functionality. This makes it possible for authenticated attackers, with contributor access and above, to extract sensitive data includin...
WordPress Event Tickets Plugin <= 5.8.2 is vulnerable to Broken Access Control
Software Event Tickets Type Plugin Vulnerable versions = 5.8.2 Fixed in 5.8.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-2261 Patch priority Low CVSS severity Low 4.3 Developer Liquid Web / StellarWP PSID 4127cd4a2b13 Credits Tim Coen Required privile...