The Tickera plugin for WordPress, which is used for selling event tickets, has a security issue that could lead to data being lost without permission. This is because a necessary check was not included in the coding for version 3.5.2.8 and earlier. This means that anyone with at least Subscriber-level access can delete all tickets for events.