5 matches found
CVE-2025-0507
The Ticketmeo – Sell Tickets – Event Ticketing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 2.3.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...
CVE-2025-0507
The Ticketmeo – Sell Tickets – Event Ticketing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 2.3.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...
CVE-2025-0507
The CVE-2025-0507 entry affects the WordPress plugin Ticketmeo – Sell Tickets – Event Ticketing (versions up to and including 2.3.6). It describes a Stored Cross‑Site Scripting vulnerability via the plugin’s shortcodes caused by insufficient input sanitization and output escaping on user-supplied...
CVE-2025-0507 Ticketmeo – Sell Tickets – Event Ticketing <= 2.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Ticketmeo – Sell Tickets – Event Ticketing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 2.3.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...
CVE-2025-0507 Ticketmeo – Sell Tickets – Event Ticketing <= 2.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Ticketmeo – Sell Tickets – Event Ticketing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 2.3.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...