All 4 CVE vulnerabilities found in Tickera – Sell Tickets & Manage Events, with AI-generated Chinese analysis, references, and POCs.
Vendor: tickera
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-12356 | Tickera – WordPress Event Ticketing <= 3.5.6.4 - Missing Authorization to Authenticated (Subscriber+) Event/Post Status Update CWE-862 | 4.3 | Medium | 2026-02-18 |
| CVE-2024-12578 | Tickera – WordPress Event Ticketing <= 3.5.4.8 - Unauthenticated Customer Data Exposure CWE-200 | 5.3 | Medium | 2024-12-14 |
| CVE-2024-10263 | Tickera – WordPress Event Ticketing <= 3.5.4.4 - Unauthenticated Arbitrary Shortcode Execution CWE-94 | 7.3 | High | 2024-11-05 |
| CVE-2024-5860 | Tickera <= 3.5.2.8 - Missing Authorization to Authenticated (Susbcriber+) Ticket Deletion CWE-862 | 4.3 | Medium | 2024-06-18 |
All 4 known CVE vulnerabilities affecting Tickera – Sell Tickets & Manage Events with full Chinese analysis, references, and POCs where available.