Skip to main content

My Tickets

2 CVEs product

Monthly

CVE-2026-32492 MEDIUM This Month

My Tickets plugin version 2.1.1 and earlier contains an authentication bypass vulnerability that allows unauthenticated attackers to spoof user identities and gain unauthorized access to ticket systems. The vulnerability requires no user interaction and can be exploited remotely by any network-connected attacker. Currently, no patch is available for this medium-severity issue affecting installations of this WordPress plugin.

Authentication Bypass My Tickets
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2021-24796 MEDIUM POC This Month

The My Tickets WordPress plugin before 1.8.31 does not properly sanitise and escape the Email field of booked tickets before outputting it in the Payment admin dashboard, which could allow. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS My Tickets
NVD WPScan
CVSS 3.1
6.1
EPSS
1.2%
EPSS 0% CVSS 5.3
MEDIUM This Month

My Tickets plugin version 2.1.1 and earlier contains an authentication bypass vulnerability that allows unauthenticated attackers to spoof user identities and gain unauthorized access to ticket systems. The vulnerability requires no user interaction and can be exploited remotely by any network-connected attacker. Currently, no patch is available for this medium-severity issue affecting installations of this WordPress plugin.

Authentication Bypass My Tickets
NVD VulDB
EPSS 1% CVSS 6.1
MEDIUM POC This Month

The My Tickets WordPress plugin before 1.8.31 does not properly sanitise and escape the Email field of booked tickets before outputting it in the Payment admin dashboard, which could allow. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS My Tickets
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy