Thezawad

**Name of the Vulnerable Software and Affected Versions** CampTix Event Ticketing plugin versions prior to 1.5 **Description** The issue allows for CSV injection when the export tool is used. This can occur when the export tool is utilized, potentially leading to malicious data being injected into the system. **Recommendations** For versions prior to 1.5, update to version 1.5 or later to resolve the issue. As a temporary workaround, consider restricting the use of the export tool until the update is applied.

**Name of the Vulnerable Software and Affected Versions** CampTix Event Ticketing plugin versions prior to 1.5 **Description** The issue allows for cross-site scripting (XSS) in the admin section of the plugin. This can occur via a ticket title or body. **Recommendations** For versions prior to 1.5, update to version 1.5 or later to resolve the issue. As a temporary workaround, consider restricting user input for ticket titles and bodies to minimize the risk of exploitation.