3 matches found
CVE-2025-1402
The Event Tickets and Registration plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'ajaxticketdelete' function in all versions up to, and including, 5.19.1.1. This makes it possible for authenticated attackers, with Contributor-level access...
CVE-2025-1402
creationtimestamp| type| source ---|---|--- 2025-02-21 11:18:25+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/4876 2025-02-21 15:26:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lip4jgqhk52v 2025-02-21 15:35:57+00:00| seen| https://t.me/cvedetector/18653 2025-08-25...
CVE-2025-1402 Event Tickets and Registration <= 5.19.1.1 - Missing Authorization to Ticket Deletion
The Event Tickets and Registration plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'ajaxticketdelete' function in all versions up to, and including, 5.19.1.1. This makes it possible for authenticated attackers, with Contributor-level access...