Log out
Get PRO

Latest

Access violation vulnerability in Event Manager and Tickets Selling Plugin for WooCommerce 3.5.3

  • Severity: medium-risk
  • Status: Fixed
  • Publication: November 3, 2021

The Event Manager and Tickets Selling Plugin for WooCommerce is a plugin for WordPress websites. Older versions of the plugin (before version 3.5.3) have a security vulnerability that could allow an attacker who is not authorized to access the website to import templates from Elementor, an external website. This vulnerability exists because the plugin does not have a feature that checks to make sure only authorized people are importing templates.

Detected in:

Event Booking & Management Plugin for WooCommerce fixed vulnerable versions:
Event Booking & Management Plugin for WooCommerce – WpEvently fixed vulnerable versions:
Event Booking & Management Plugin for WooCommerce – WpEvently – WordPress Plugin fixed vulnerable versions:
Event Booking Manager for WooCommerce – WpEvently fixed vulnerable versions:
Event Manager and Tickets Selling Plugin for WooCommerce fixed vulnerable versions: >= * < 3.5.3
Event Manager and Tickets Selling Plugin for WooCommerce -WpEvently fixed vulnerable versions:
Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.