The Tickera WordPress plugin had a security vulnerability before version 3.4.8.3. This vulnerability could allow someone who was not authenticated (logged in) to perform malicious attacks against the administrators of the website. The vulnerability was related to the way that the Names of Events were not properly secured before they were displayed in the Orders section of the website.