Vulnerabilities (CVE)

Filtered by vendor Tri Subscribe
Filtered by product Event Tickets
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-25028 1 Tri 1 Event Tickets 2024-11-21 5.8 MEDIUM 6.1 MEDIUM
The Event Tickets WordPress plugin before 5.2.2 does not validate the tribe_tickets_redirect_to parameter before redirecting the user to the given value, leading to an arbitrary redirect issue
CVE-2019-16120 1 Tri 1 Event Tickets 2024-11-21 6.5 MEDIUM 8.8 HIGH
CSV injection in the event-tickets (Event Tickets) plugin before 4.10.7.2 for WordPress exists via the "All Post> Ticketed > Attendees" Export Attendees feature.