Event Tickets with Ticket Scanner < 2.3.8 – Admin+ Stored XSS | CVE 2024-6711 | Plugin Vulnerabilities

Description

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as admin to perform Cross-Site Scripting attacks

Proof of Concept

1. Go to "Event Tickets" and select the "Auth Token" section using the menu option on the upper right
2. Click "Add" and in the modal and for the "Name" enter the payload `<h1>Test injection<script>alert(2)</script></h1>`
3. Click "OK" and then see the XSS.

Affects Plugins

event-tickets-with-ticket-scanner

Fixed in 2.3.8

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Anas Jamal and Satyam Singh

Submitter

Anas Jamal and Satyam Singh

Verified

Yes

WPVDB ID

bf431b81-2db9-4fcb-841c-9b51d1870bf8

Timeline

Publicly Published

2024-04-20 (about 1 year ago)

Added

2024-08-13 (about 1 year ago)

Last Updated

2024-08-13 (about 1 year ago)

Other

Published

Title

Published

2024-06-11

Title

Divi Torque Lite – Divi Theme and Extra Theme < 4.0.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload

Published

2025-04-14

Title

ShopApper <= 0.4.59 - Unauthenticated Stored Cross-Site Scripting

Published

2024-03-25

Title

Grid Shortcodes < 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2023-04-28

Title

CM On Demand Search And Replace < 1.3.1 - Admin+ Stored XSS

Published

2025-02-08

Title

Simple add pages or posts <= 2.0.0 - Authenticated (Administrator+) Stored Cross-Site Scripting