cleantalk
Vulnerabilities and Security Researches

Event Tickets and Registration, CVE-2019-16120

CVE, Research URL

CVE-2019-16120

Home page URL

Security reports for Event Tickets and Registration

Application

Event Tickets and Registration

Published on
Sep 09, 2019
Research Description
CSV injection in the event-tickets (Event Tickets) plugin before 4.10.7.2 for WordPress exists via the "All Post> Ticketed > Attendees" Export Attendees feature.
Affected versions
Min -, max 5.6.0.
Status
vulnerable
Previous vulnerability researches
Event Tickets with Ticket Scanner (CVE-2024-52427) , Nov 19, 2024
Event Tickets with Ticket Scanner (CVE-2024-6711) , Aug 16, 2024
Event Tickets with Ticket Scanner (CVE-2024-9866) , Dec 07, 2024
Event Tickets with Ticket Scanner (CVE-2024-35652) , Jun 06, 2024
Event Tickets with Ticket Scanner (a15b09db3fbaefb7151e884a7c472101b7df0d2e) , Jun 06, 2024
New vulnerability
Uncanny Automator – Automate everything with the #1 automation, integration & webhooks plugin (CVE-2025-2075) , Apr 05, 2025
Blubrry PowerPress Podcasting plugin MultiSite add-on (CVE-2025-31436) , Apr 05, 2025
Wptobe-signinup (CVE-2025-30611) , Apr 05, 2025
Lexicata (CVE-2025-31900) , Apr 05, 2025
WooTumblog (CVE-2025-31729) , Apr 05, 2025