WordPress Tickera plugin <= 3.5.4.8 - Unauthenticated Customer Data Exposure vulnerability

Unauthenticated Customer Data Exposure vulnerability discovered by WordFence in WordPress Plugin Tickera versions = 3.5.4.8...

CVE-2025-67939 WordPress Tickera plugin <= 3.5.6.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Tickera Tickera tickera-event-ticketing-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tickera: from n/a through = 3.5.6.2...

CVE-2025-67939

CVE-2025-67939 (Tickera WordPress Tickera plugin) is a Missing Authorization / Broken Access Control vulnerability affecting Tickera up to version 3.5.6.2. The issue arises from incorrectly configured access control security levels, allowing unauthorized access. Public records from NVD/Red Hat/CV...

CVE-2025-69355

CVE-2025-69355 concerns Tickera – Sell Tickets & Manage Events (WordPress plugin). Wordfence references WorDFence WORDFENCE: Tickera

CVE-2025-69355 WordPress Tickera plugin <= 3.5.6.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Tickera Tickera tickera-event-ticketing-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tickera: from n/a through = 3.5.6.4...

CVE-2024-35729 WordPress Tickera – WordPress Event Ticketing plugin <= 3.5.2.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Tickera.This issue affects Tickera: from n/a through 3.5.2.6...

WordPress Tickera plugin <= 3.5.2.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Manab Jyoti Dowarah in WordPress Plugin Tickera versions = 3.5.2.6...

WordPress Tickera plugin < 3.5.2.5 - Ticket leakage through IDOR vulnerability

Ticket leakage through IDOR vulnerability discovered by Martin Thirup Christensen in WordPress Plugin Tickera versions 3.5.2.5...

WordPress Tickera Plugin <= 3.5.1.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Tickera Type Plugin Vulnerable versions = 3.5.1.0 Fixed in 3.5.1.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-23726 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 674b722356ed Credits István Márton Required...

WordPress Tickera plugin <= 3.4.8.2 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability

Unauthenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ajit Bhatta in WordPress Tickera plugin versions = 3.4.8.2. Solution Update the WordPress Tickera plugin to the latest available version at least 3.4.8.3...

WordPress Tickera plugin <= 3.4.6.7 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Florian Hauser in WordPress Tickera plugin versions = 3.4.6.7. Solution Update the WordPress Tickera plugin to the latest available version at least 3.4.6.9...