Vulnerabilities > Automattic > Camptix Event Ticketing > 1.3

DATE CVE VULNERABILITY TITLE RISK
2019-07-18 CVE-2016-10763 Cross-site Scripting vulnerability in Automattic Camptix Event Ticketing
The CampTix Event Ticketing plugin before 1.5 for WordPress allows XSS in the admin section via a ticket title or body.
network
automattic CWE-79
3.5
3.5
2019-07-18 CVE-2016-10762 Command Injection vulnerability in Automattic Camptix Event Ticketing
The CampTix Event Ticketing plugin before 1.5 for WordPress allows CSV injection when the export tool is used.
network
high complexity
automattic CWE-77
5.1
5.1