Lucene search
K

11 matches found

NVD
NVD
added 2025/02/21 12:15 p.m.17 views

CVE-2025-1402

The Event Tickets and Registration plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'ajaxticketdelete' function in all versions up to, and including, 5.19.1.1. This makes it possible for authenticated attackers, with Contributor-level access...

5.3CVSS0.00411EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/01/02 12:1 p.m.9 views

CVE-2024-38762 WordPress Event Tickets and Registration plugin <= 5.11.0.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in StellarWP Event Tickets event-tickets allows Cross Site Request Forgery.This issue affects Event Tickets: from n/a through = 5.11.0.4...

4.3CVSS5.1AI score0.00188EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/02 12:1 p.m.16 views

CVE-2024-38762 WordPress Event Tickets and Registration plugin <= 5.11.0.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in StellarWP Event Tickets event-tickets allows Cross Site Request Forgery.This issue affects Event Tickets: from n/a through = 5.11.0.4...

4.3CVSS0.00188EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/08/16 12:0 a.m.11 views

WordPress Event Tickets with Ticket Scanner Plugin < 2.3.8 is vulnerable to Cross Site Scripting (XSS)

Software Event Tickets with Ticket Scanner Type Plugin Vulnerable versions 2.3.8 Fixed in 2.3.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6711 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 0bf7f36b041a Credits Anas Jam...

5.6AI score0.00271EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/07/12 12:0 a.m.11 views

WordPress Event Tickets Plugin <= 5.11.0.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Event Tickets Type Plugin Vulnerable versions = 5.11.0.4 Fixed in 5.11.0.5 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-38762 Patch priority Low CVSS severity Low 4.3 Developer Liquid Web / StellarWP PSID 0a615d084880 Credits Joshua...

6.4AI score0.00188EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/06/04 2:12 p.m.26 views

CVE-2024-35652 WordPress Event Tickets with Ticket Scanner plugin <= 2.3.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Saso Nikolov Event Tickets with Ticket Scanner allows Reflected XSS.This issue affects Event Tickets with Ticket Scanner: from n/a through 2.3.1...

7.1CVSS6.5AI score0.00288EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/06/03 12:0 a.m.9 views

WordPress Event Tickets with Ticket Scanner Plugin <= 2.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Event Tickets with Ticket Scanner Type Plugin Vulnerable versions = 2.3.1 Fixed in 2.3.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35652 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a8b7482ae90c Credits Le Ngoc Anh...

7.1CVSS6.5AI score0.00288EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/02/22 12:0 a.m.8 views

WordPress Event Tickets Plugin <= 5.8.1 is vulnerable to Broken Access Control

Software Event Tickets Type Plugin Vulnerable versions = 5.8.1 Fixed in 5.8.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1053 Patch priority Low CVSS severity Low 4.3 Developer Liquid Web / StellarWP PSID ddaccf519ce9 Credits Muhammad Daffa Required...

4.3CVSS6.5AI score0.00396EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/08/21 12:0 a.m.7 views

WordPress Event Tickets with Ticket Scanner Plugin < 1.5.5 is vulnerable to Cross Site Scripting (XSS)

Software Event Tickets with Ticket Scanner Type Plugin Vulnerable versions 1.5.5 Fixed in 1.5.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID daa37a82b56a Credits Unknown...

5.9AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/07/19 12:0 a.m.6 views

WordPress Event Tickets Plugin <= 5.5.11.1 is vulnerable to Cross Site Scripting (XSS)

Software Event Tickets Type Plugin Vulnerable versions = 5.5.11.1 Fixed in 5.6.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Liquid Web / StellarWP PSID b526dab2f64a Credits Rafie Muhammad Patchstack...

5.9AI score0.00284EPSS
Exploits0References3Affected Software1
Packet Storm
Packet Storm
added 2019/09/02 12:0 a.m.265 views

WordPress Event Tickets 4.10.7.1 CSV Injection

Exploit Title: WordPress Plugin Event Tickets = 4.10.7.1 - CSV Injection Google Dork: inurl:"\wp-content\plugins\event-tickets" Date: 09-01-2019 Exploit Author: MTK http://mtk911.cf/ Vendor Homepage: https://tri.be/ Software Link: https://downloads.wordpress.org/plugin/event-tickets.4.10.7.1.zip...

0.3AI score
Exploits0
Rows per page
Query Builder