Description
WordPress Plugin My Tickets is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently bypass completing payment. WordPress Plugin My Tickets version 1.9.11 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.9.12 or latest
References
Related Vulnerabilities
WordPress Plugin Welcart e-Commerce Multiple Vulnerabilities (1.4.17)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1817)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-5270)
WordPress Plugin Broken Link Checker Cross-Site Scripting (1.10.5)
WordPress Plugin BSK PDF Manager Multiple SQL Injection Vulnerabilities (1.3.2)