Liquidweb Event Tickets — known CVE vulnerabilities
Every CVE whose affected-product data names Liquidweb Event Tickets, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2019-16120 — CVSS 8.8 (high): CSV injection in the event-tickets (Event Tickets) plugin before 4.10.7.2 for WordPress exists via the "All Post> Ticketed > Attendees"…
CVE-2024-1316 — CVSS 6.5 (medium): The Event Tickets and Registration WordPress plugin before 5.8.1, Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users…
CVE-2024-13457 — CVSS 5.3 (medium): The Event Tickets and Registration plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and…
CVE-2024-1053 — CVSS 4.3 (medium): The Event Tickets and Registration plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on…
CVE-2024-1319 — CVSS 4.3 (medium): The Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the attendees…