Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-32999

Malicious code in bioql PyPI...

7.3CVSS8.6AI score0.00492EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/14 4:23 a.m.15 views

CVE-2024-12578 Tickera – WordPress Event Ticketing <= 3.5.4.8 - Unauthenticated Customer Data Exposure

The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.5.4.8 via the 'tickeraticketsinfo' endpoint. This makes it possible for unauthenticated attackers to extract sensitive data from bookings like full names, ema...

5.3CVSS0.0048EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/12/14 12:0 a.m.3 views

WordPress plugin Tickera – WordPress Event Ticketing 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. WordPress plugin Tickera -...

5.3CVSS8.2AI score0.0048EPSS
Exploits0References2
NVD
NVD
added 2024/11/05 1:15 p.m.13 views

CVE-2024-10263

The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.5.4.4. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes...

7.3CVSS0.00492EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/05 12:45 p.m.20 views

CVE-2024-10263 Tickera – WordPress Event Ticketing <= 3.5.4.4 - Unauthenticated Arbitrary Shortcode Execution

The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.5.4.4. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes...

7.3CVSS0.00492EPSS
Exploits0References2
NVD
NVD
added 2024/06/18 4:15 a.m.27 views

CVE-2024-5860

The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the tcdldeletetickets AJAX action in all versions up to, and including, 3.5.2.8. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS0.0028EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/18 3:13 a.m.23 views

CVE-2024-5860 Tickera <= 3.5.2.8 - Missing Authorization to Authenticated (Susbcriber+) Ticket Deletion

The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the tcdldeletetickets AJAX action in all versions up to, and including, 3.5.2.8. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS0.0028EPSS
Exploits0References2
Rows per page
Query Builder