Description
WordPress Plugin My Tickets is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently bypass completing payment. WordPress Plugin My Tickets version 1.9.11 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.9.12 or latest
References
Related Vulnerabilities
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-2097)
Oracle JRE CVE-2020-2757 Vulnerability (CVE-2020-2757)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5339)
MySQL CVE-2022-21330 Vulnerability (CVE-2022-21330)
WordPress Plugin WP Statistics Multiple Vulnerabilities (13.1.5)