Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

My Tickets

Source -

CNA

CNA CVEs -

4

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
4Vulnerabilities found
CVE-2025-22717
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.19%
||
7 Day CHG+0.01%
Published-21 Jan, 2025 | 13:57
Updated-12 Feb, 2025 | 20:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress My Tickets plugin <= 2.0.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in Joe Dolson My Tickets allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects My Tickets: from n/a through 2.0.9.

Action-Not Available
Vendor-Joe Dolson
Product-My Tickets
CWE ID-CWE-862
Missing Authorization
CVE-2023-23988
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-7.5||HIGH
EPSS-0.29% / 52.35%
||
7 Day CHG~0.00%
Published-17 May, 2024 | 06:33
Updated-02 Aug, 2024 | 10:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress My Tickets plugin <= 1.9.11 - Payment Bypass Vulnerability

Missing Authorization vulnerability in Joseph C Dolson My Tickets.This issue affects My Tickets: from n/a through 1.9.11.

Action-Not Available
Vendor-Joseph C Dolson
Product-My Tickets
CWE ID-CWE-862
Missing Authorization
CVE-2022-47440
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.07% / 22.03%
||
7 Day CHG~0.00%
Published-13 Mar, 2023 | 09:14
Updated-13 Jan, 2025 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress My Tickets Plugin <= 1.9.10 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Tickets plugin <= 1.9.10 versions.

Action-Not Available
Vendor-my_tickets_projectJoseph C Dolson
Product-my_ticketsMy Tickets
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2021-24796
Assigner-WPScan
ShareView Details
Assigner-WPScan
CVSS Score-6.1||MEDIUM
EPSS-12.13% / 93.55%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 10:15
Updated-03 Aug, 2024 | 19:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
My Tickets < 1.8.31 - Unauthenticated Stored Cross-Site Scripting

The My Tickets WordPress plugin before 1.8.31 does not properly sanitise and escape the Email field of booked tickets before outputting it in the Payment admin dashboard, which could allow unauthenticated users to perform Cross-Site Scripting attacks against admins

Action-Not Available
Vendor-my_tickets_projectUnknown
Product-my_ticketsMy Tickets
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')