EUVD-2026-36636

The WP Ticket plugin for WordPress is vulnerable to SQL Injection via the WordPress search query parameter s in versions up to, and including, 6.0.4 The plugin hooks WordPress's postsrequest filter with wpticketcompostsrequest, which calls emdauthorsearchresults when the current request is an...

CVE-2025-60157

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in emarket-design WP Ticket Customer Service Software & Support Ticket System wp-ticket allows Stored XSS.This issue affects WP Ticket Customer Service Software & Support Ticket System: from n/a throu...

CVE-2025-53584

Deserialization of Untrusted Data vulnerability in emarket-design WP Ticket Customer Service Software & Support Ticket System wp-ticket allows Object Injection.This issue affects WP Ticket Customer Service Software & Support Ticket System: from n/a through = 6.0.2...

WordPress Ticket Tailor Plugin <= 1.10 is vulnerable to Cross Site Scripting (XSS)

Software Ticket Tailor Type Plugin Vulnerable versions = 1.10 Fixed in 1.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29104 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID bf9f96915120 Credits Ray Wilson Required privilege Contributor...