HTML Injection Vulnerability in Pretix Pages Plugin
CVE-2026-57534

2.1LOW

Key Information:

Vendor: Pretix
Status: Pretix-pages
Vendor: CVE Published:; 25 June 2026

What is CVE-2026-57534?

The Pretix Pages plugin for WordPress has a vulnerability that allows an attacker to inject malicious HTML content into the page. This could lead to unintended consequences, such as exposing users to phishing attempts or executing unauthorized scripts. Users are advised to update to the latest version to mitigate this risk.

Affected Version(s)

pretix-pages 0 < 1.6.4

References

https://pretix.eu/about/en/blog/20260625-release-2026-5-2/

CVSS V4

Score:

2.1

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 25, 2026
Vulnerability Reserved
Jun 24, 2026

CVE-2026-57534 Data

JSON