Cross-Site Scripting Vulnerability in CampTix Event Ticketing Plugin for WordPress
CVE-2016-10763
4.8MEDIUM
What is CVE-2016-10763?
The CampTix Event Ticketing plugin for WordPress, prior to version 1.5, is susceptible to a Cross-Site Scripting (XSS) vulnerability in its admin section. This issue arises when user-controlled inputs, such as ticket titles or body content, are not properly sanitized. As a result, an attacker could exploit this vulnerability to inject malicious scripts, potentially compromising admin accounts and affecting the security of the entire WordPress installation.