{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T17:02:32.543","vulnerabilities":[{"cve":{"id":"CVE-2024-52427","sourceIdentifier":"audit@patchstack.com","published":"2024-11-18T15:15:06.657","lastModified":"2026-04-01T16:20:18.190","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Deserialization of Untrusted Data vulnerability in Vollstart Event Tickets with Ticket Scanner event-tickets-with-ticket-scanner allows Server Side Include (SSI) Injection.This issue affects Event Tickets with Ticket Scanner: from n/a through <= 2.3.11."},{"lang":"es","value":"La vulnerabilidad de neutralización incorrecta de elementos especiales utilizados en un motor de plantillas en Saso Nikolov Event Tickets con Ticket Scanner permite la inyección de Server Side Include (SSI). Este problema afecta a Event Tickets con Ticket Scanner: desde n/a hasta 2.3.11."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Primary","description":[{"lang":"en","value":"CWE-82"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vollstart:event_tickets_with_ticket_scanner:*:*:*:*:*:wordpress:*:*","versionEndExcluding":"2.3.12","matchCriteriaId":"BF952E20-9C82-4EE1-BEB0-1DB675F1F895"}]}]}],"references":[{"url":"https://patchstack.com/database/Wordpress/Plugin/event-tickets-with-ticket-scanner/vulnerability/wordpress-event-tickets-with-ticket-scanner-plugin-2-3-11-remote-code-execution-rce-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}]}