@cve-notifications.bsky.social on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

CVE Sentinel

cve-notifications.bsky.social

did:plc:fmpxu5qaccixyxvvyzsllshl

ID: CVE-2024-13457 CVSS V3.1: MEDIUM The Event Tickets and Registration plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.18.1 via the tc-order-id parameter due to missing validation on a user controlled... #security #infosec #cve-alert https://nvd.nist.gov/vuln/detail/CVE-2024-13457

2025-01-30T07:15:30.653Z