WordPress Plugin Vulnerabilities

CampTix Event Ticketing <= 1.5.0 - CSV Injection Bypasses and XSS

Description

The CampTix Event Ticketing WordPress plugin was affected by a CSV Injection Bypasses and XSS security vulnerability.

Affects Plugins

Plugin icon
camptix
Fixed in 1.5.1

References

URL
https://hackerone.com/reports/160500
URL
https://hackerone.com/reports/160520
URL
https://hackerone.com/reports/160674
URL
https://hackerone.com/reports/164793

Miscellaneous

Original Researcher
white_walker, lalka, and grande
Verified
No
WPVDB ID
b81cdb26-f0fa-4c3c-94cf-c6bdeda4f3f2

Timeline

Publicly Published
2016-10-11 (about 9 years ago)
Added
2019-07-18 (about 6 years ago)
Last Updated
2019-11-27 (about 6 years ago)

Other

Published
Title
Published
2014-12-31
Title
twitterDash 2.1 - CSRF & XSS
Published
2017-06-05
Title
Crelly Slider <= 1.1.1 - Multiple Unspecified Vulnerabilities
Published
2014-11-05
Title
BulletProof Security <= .51 - Multiple Vulnerabilities (XSS & SSRF)
Published
2017-09-16
Title
Post Pay Counter < 2.731 - PHP Obj Injection & Access Control Issues
Published
2015-07-15
Title
Welcart e-Commerce < 1.4.18 - Multiple Vulnerabilities