Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in My Tickets 1.8.31

  • Severity: medium-risk
  • Status: Fixed
  • Publication: October 18, 2021

The My Tickets plugin for WordPress has a security flaw that could allow unauthenticated attackers to inject dangerous web scripts into pages. This could happen if a user uses the Email field of booked tickets on versions of the plugin up to and including 1.8.30. This is because the plugin does not properly sanitize input or escape output. If a user visits a hacked page

Detected in:

My Tickets fixed vulnerable versions: >= * < 1.8.31
My Tickets – Accessible Event Ticketing fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.