CVE-2026-13754
The affected product is the Tickera – Sell Tickets & Manage Events plugin for WordPress. Affected component: the plugin’s SQL handling exposed by the parameter s, enabling a generic SQL Injection in all versions up to and including 3.6.0.0 due to insufficient escaping of user input and inadequate...