VYPR

Tickera Event Ticketing System

by WordPress

Source repositories

CVEs (10)

  • CVE-2025-67939MedJan 22, 2026
    risk 0.42cvss 6.5epss 0.00

    Missing Authorization vulnerability in Tickera Tickera tickera-event-ticketing-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tickera: from n/a through <= 3.5.6.2.

  • CVE-2023-23726MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Tickera.com Tickera allows Cross Site Request Forgery.This issue affects Tickera: from n/a through 3.5.1.0.

  • CVE-2024-12578MedDec 14, 2024
    risk 0.34cvss 5.3epss 0.00

    The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.5.4.8 via the 'tickera_tickets_info' endpoint. This makes it possible for unauthenticated attackers to extract sensitive data from…

  • CVE-2025-69355MedJan 6, 2026
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in Tickera Tickera tickera-event-ticketing-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tickera: from n/a through <= 3.5.6.4.

  • CVE-2025-58611MedSep 3, 2025
    risk 0.21cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Tickera Tickera tickera-event-ticketing-system allows Cross Site Request Forgery.This issue affects Tickera: from n/a through <= 3.5.5.6.

  • CVE-2025-30851MedMar 27, 2025
    risk 0.21cvss 4.3epss 0.00

    Missing Authorization vulnerability in Tickera Tickera tickera-event-ticketing-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tickera: from n/a through <= 3.5.5.2.

  • CVE-2023-51339Feb 20, 2025
    risk 0.00cvss epss 0.01

    A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Event Ticketing System v1.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages.

  • CVE-2023-51306Feb 20, 2025
    risk 0.00cvss epss 0.00

    PHPJabbers Event Ticketing System v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the "name, title" parameters.

  • CVE-2023-51337Feb 20, 2025
    risk 0.00cvss epss 0.00

    PHPJabbers Event Ticketing System v1.0 is vulnerable to Reflected Cross-Site Scripting (XSS) in "lid" parameter in index.

  • CVE-2023-51303Feb 19, 2025
    risk 0.00cvss epss 0.00

    PHPJabbers Event Ticketing System v1.0 is vulnerable to Multiple HTML Injection in the "lid, name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key, title" parameters.