70 matches found
WordPress Event Tickets < 5.2.2 - Open Redirect
WordPress Event Tickets 5.2.2 is susceptible to an open redirect vulnerability. The plugin does not validate the tribeticketsredirectto parameter before redirecting the user to the given value, leading to an arbitrary redirect issue. id: CVE-2021-25028 info: name: WordPress Event Tickets 5.2.2 -...
WordPress Event Tickets plugin <= 5.27.5 - Bypass Vulnerability vulnerability
Bypass Vulnerability vulnerability discovered by endy in WordPress Plugin Event Tickets versions = 5.27.5...
WordPress plugin My Tickets 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress My Tickets plugin <= 2.1.1 - Bypass Vulnerability vulnerability
Bypass Vulnerability vulnerability discovered by Tarcísio LuchesiPoystick in WordPress Plugin My Tickets versions = 2.1.1...
CVE-2026-27406 WordPress My Tickets plugin <= 2.1.0 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Joe Dolson My Tickets my-tickets allows Retrieve Embedded Sensitive Data.This issue affects My Tickets: from n/a through = 2.1.0...
CVE-2026-27744
The SPIP tickets plugin versions prior to 4.3.3 contain an unauthenticated remote code execution vulnerability in the forum preview handling for public ticket pages. The plugin appends untrusted request parameters into HTML that is later rendered by a template using unfiltered environment renderi...
EUVD-2026-8608
The SPIP tickets plugin versions prior to 4.3.3 contain an unauthenticated remote code execution vulnerability in the forum preview handling for public ticket pages. The plugin appends untrusted request parameters into HTML that is later rendered by a template using unfiltered environment renderi...
CVE-2026-27744
The SPIP tickets plugin versions prior to 4.3.3 contain an unauthenticated remote code execution vulnerability in the forum preview handling for public ticket pages. The plugin appends untrusted request parameters into HTML that is later rendered by a template using unfiltered environment renderi...
CVE-2026-27744
The SPIP tickets plugin versions prior to 4.3.3 contain an unauthenticated remote code execution vulnerability in the forum preview handling for public ticket pages. The plugin appends untrusted request parameters into HTML that is later rendered by a template using unfiltered environment renderi...
CVE-2026-27744
The SPIP tickets plugin versions prior to 4.3.3 contain an unauthenticated remote code execution vulnerability in the forum preview handling for public ticket pages. The plugin appends untrusted request parameters into HTML that is later rendered by a template using unfiltered environment renderi...
CVE-2026-27744
The CVE-2026-27744 entry concerns the SPIP tickets plugin (versions prior to 4.3.3) with an unauthenticated remote code execution in the forum preview handling for public ticket pages. The vulnerability arises from appending untrusted request parameters into HTML that is later rendered by a templ...
CVE-2026-27744 SPIP tickets < 4.3.3 Unauthenticated RCE
The SPIP tickets plugin versions prior to 4.3.3 contain an unauthenticated remote code execution vulnerability in the forum preview handling for public ticket pages. The plugin appends untrusted request parameters into HTML that is later rendered by a template using unfiltered environment renderi...
PT-2026-21859
Name of the Vulnerable Software and Affected Versions SPIP tickets plugin versions prior to 4.3.3 Description The SPIP tickets plugin is affected by a remote code execution issue. An unauthenticated attacker can execute code on the web server through crafted content injection. The plugin appends...
WordPress My Tickets plugin <= 2.1.0 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by daroo in WordPress Plugin My Tickets versions = 2.1.0...
CVE-2019-16120
CSV injection in the event-tickets Event Tickets plugin before 4.10.7.2 for WordPress exists via the "All Post Ticketed Attendees" Export Attendees feature...
CVE-2025-64257 WordPress My Tickets plugin <= 2.1.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Joe Dolson My Tickets my-tickets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Tickets: from n/a through = 2.1.0...
EUVD-2025-35381
Missing Authorization vulnerability in StellarWP Event Tickets event-tickets.This issue affects Event Tickets: from n/a through = 5.26.3...
CVE-2025-62027
Missing Authorization vulnerability in StellarWP Event Tickets event-tickets.This issue affects Event Tickets: from n/a through = 5.26.3...
CVE-2025-11517
CVE-2025-11517 affects the WordPress plugin “Event Tickets and Registration” (
WordPress Event Tickets and Registration plugin <= 5.26.5 - Unauthenticated Ticket Payment Bypass vulnerability
Unauthenticated Ticket Payment Bypass vulnerability discovered by Jack Pas Dark. in WordPress Plugin Event Tickets versions = 5.26.5...