Liquidweb Event_tickets
5 CVEs affecting Liquidweb Event_tickets. Latest disclosed: 2025-01-30. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-16120 | High | 8.8 | 2019-09-08 | CSV injection in the event-tickets (Event Tickets) plugin before 4.10.7.2 for WordPress exists via the "All Post> Ticketed > Attendees" Export Attendees featur… |
CVE-2024-1316 | Medium | 6.5 | 2024-03-04 | The Event Tickets and Registration WordPress plugin before 5.8.1, Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the co… |
CVE-2024-13457 | Medium | 5.3 | 2025-01-30 | The Event Tickets and Registration plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.18.1 via the… |
CVE-2024-1319 | Medium | 4.3 | 2024-03-04 | The Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the attendees list on any post typ… |
CVE-2024-1053 | Medium | 4.3 | 2024-02-22 | The Event Tickets and Registration plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'email' action in… |