RSS   Vulnerabilities for 'Event tickets'   RSS

2022-01-24
 
CVE-2021-25028

CWE-601
 

 
The Event Tickets WordPress plugin before 5.2.2 does not validate the tribe_tickets_redirect_to parameter before redirecting the user to the given value, leading to an arbitrary redirect issue

 
2019-09-08
 
CVE-2019-16120

CWE-74
 

 
CSV injection in the event-tickets (Event Tickets) plugin before 4.10.7.2 for WordPress exists via the "All Post> Ticketed > Attendees" Export Attendees feature.

 

 >>> Vendor: TRI 3 Products
Gigpress
The events calendar
Event tickets


Copyright 2024, cxsecurity.com

 

Back to Top