What the vulnerability does
01 Description
The My Tickets – Accessible Event Ticketing plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.0.16. This is due to the mt_save_profile() function not properly restricting which users may update roles, so unauthorized users can change them. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update their role to that of an administrator.
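A profile-save handler of the kind the description implies was missing, shown here as an added defensive example (not the plugin's own code): the role change is only applied after a nonce check and a capability check. The function name mt_secure_save_profile, the nonce action and the mt_role field name are assumptions.

```php
<?php
// Added example, not My Tickets code: a profile-save handler that refuses
// to change a user's role unless the request is authorized to do so.
// Names below (mt_secure_save_profile, mt_profile_nonce, mt_role) are assumed.

function mt_secure_save_profile( $user_id ) {
    // Reject forged requests first; the nonce action name is an assumption.
    if ( ! isset( $_POST['mt_profile_nonce'] )
        || ! wp_verify_nonce( $_POST['mt_profile_nonce'], 'mt_save_profile' ) ) {
        wp_die( 'Invalid request.', 'Error', array( 'response' => 403 ) );
    }

    $user_id = (int) $user_id;

    // Nothing to do if no role change was submitted.
    if ( empty( $_POST['mt_role'] ) ) {
        return;
    }

    // The check the advisory describes as missing: only users who may promote
    // others (administrators by default) may change roles, and only on accounts
    // they are allowed to edit. A Subscriber fails both tests.
    if ( ! current_user_can( 'promote_users' ) || ! current_user_can( 'edit_user', $user_id ) ) {
        wp_die( 'You are not allowed to change user roles.', 'Forbidden', array( 'response' => 403 ) );
    }

    // Restrict the target role to those the current user is allowed to assign,
    // so a lower-privileged manager cannot hand out a role above their own.
    $requested = sanitize_key( wp_unslash( $_POST['mt_role'] ) );
    $editable  = get_editable_roles(); // defined in wp-admin/includes/user.php
    if ( ! array_key_exists( $requested, $editable ) ) {
        wp_die( 'Invalid role.', 'Forbidden', array( 'response' => 403 ) );
    }

    $user = get_userdata( $user_id );
    if ( $user ) {
        $user->set_role( $requested );
    }
}

// Hook into WordPress's own profile update flow (own profile and other users').
add_action( 'personal_options_update', 'mt_secure_save_profile' );
add_action( 'edit_user_profile_update', 'mt_secure_save_profile' );
```

Sites that cannot update immediately can also audit for unexpected role changes by comparing wp_usermeta capabilities against a known-good list of administrator accounts.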
Explanation of Vulnerability in Simple Terms
02 Summary
My Tickets allows authenticated users with low privileges to perform actions restricted to higher-privilege roles. An attacker with a standard user account can read sensitive event data, modify ticket information, and disrupt ticketing operations. The vulnerability stems from insufficient privilege checks in the plugin's access control logic.
What an attacker can do
03 Attacker Capabilities
Read event data, modify tickets, and disrupt ticketing operations with a low-privilege user account.
Potential impact on your site
04 Site Impact
Ticket data and event information can be accessed or modified by unauthorized users; ticketing operations may be disrupted.
Conditions required to exploit
05 Prerequisites
Attacker must have a valid user account with low privileges on the site.
Key dates
06 Disclosure timeline
April 24, 2025: CVE published
April 8, 2026: Record updated