Easy Paypal Events Tickets
by WordPress
Source repositories
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-41471 | Hig | 0.49 | 7.5 | 0.00 | May 4, 2026 | The Easy PayPal Events & Tickets plugin for WordPress before version 1.4 contains an information disclosure vulnerability in the QR code scanning endpoint that allows unauthenticated attackers to enumerate and retrieve all customer order records. Attackers can iterate over… | ||
| CVE-2026-32834 | Hig | 0.49 | 7.5 | 0.00 | May 4, 2026 | Easy PayPal Events & Tickets plugin for WordPress before version 1.4 contains a hardcoded authentication bypass vulnerability in the QR code scanning functionality that allows unauthenticated remote attackers to bypass hash verification by supplying 'test' as the hash parameter.… | ||
| CVE-2025-47519 | Med | 0.28 | 4.3 | 0.00 | May 7, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Easy PayPal Events easy-paypal-events-tickets allows Cross Site Request Forgery.This issue affects Easy PayPal Events: from n/a through <= 1.2.2. |
- risk 0.49cvss 7.5epss 0.00
The Easy PayPal Events & Tickets plugin for WordPress before version 1.4 contains an information disclosure vulnerability in the QR code scanning endpoint that allows unauthenticated attackers to enumerate and retrieve all customer order records. Attackers can iterate over…
- risk 0.49cvss 7.5epss 0.00
Easy PayPal Events & Tickets plugin for WordPress before version 1.4 contains a hardcoded authentication bypass vulnerability in the QR code scanning functionality that allows unauthenticated remote attackers to bypass hash verification by supplying 'test' as the hash parameter.…
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Easy PayPal Events easy-paypal-events-tickets allows Cross Site Request Forgery.This issue affects Easy PayPal Events: from n/a through <= 1.2.2.