Vulnerabilities > Liquidweb > Event Tickets AND Registration
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-30 | CVE-2024-13457 | Authorization Bypass Through User-Controlled Key vulnerability in Liquidweb Event Tickets and Registration The Event Tickets and Registration plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.18.1 via the tc-order-id parameter due to missing validation on a user controlled key. | 5.3 |