Missing Authorization Vulnerability in StellarWP Event Tickets Product
CVE-2025-62027

Currently unrated

Key Information:

Vendor

WordPress
Status
Event Tickets
Vendor
CVE Published:
22 October 2025

What is CVE-2025-62027?

A missing authorization vulnerability exists in the StellarWP Event Tickets plugin, affecting versions from n/a through 5.26.3. This flaw can allow unauthorized users to access sensitive functionalities, leading to potential manipulation of event details and ticket management. It is crucial for users of the Event Tickets plugin to evaluate their security posture and ensure they are running the latest, patched versions to mitigate any risks associated with this vulnerability.

Affected Version(s)

Event Tickets <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/even...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

n0_arafat_n0 (Patchstack Alliance)
JSON
.
CVE-2025-62027 : Missing Authorization Vulnerability in StellarWP Event Tickets Product