CVE-2025-3761 (severity: HIGH, CVSS 8.8)

CVE-2025-3761: Privilege Escalation in My Tickets WordPress Plugin

Platform

wordpress

Component

my-tickets

Fixed in

2.0.17

AI Confidence: high · Source: NVD · EPSS 0.3% · Reviewed: May 2026

CVE-2025-3761 describes a Privilege Escalation vulnerability affecting the My Tickets – Accessible Event Ticketing plugin for WordPress. An authenticated attacker with Subscriber-level access or higher can exploit this flaw to elevate their role to administrator, gaining complete control over the WordPress site. This vulnerability impacts versions 0 through 2.0.16, and a patch is available in version 2.0.17.


Impact and Attack Scenarios

Successful exploitation of CVE-2025-3761 allows an attacker to bypass standard WordPress access controls. By escalating their role to administrator, the attacker can perform any action on the site, including installing malicious plugins, modifying content, deleting data, and potentially gaining access to sensitive information stored within the WordPress database. This could lead to complete compromise of the website and its associated data. The impact is particularly severe for sites handling sensitive user data or financial transactions, as an attacker could leverage administrator privileges to steal or manipulate this information.

Exploitation Context

CVE-2025-3761 was publicly disclosed on April 24, 2025. There is currently no indication of active exploitation in the wild, but the ease of exploitation and the plugin's popularity suggest it could become a target. The vulnerability is not listed on the CISA KEV catalog at the time of writing. Public proof-of-concept code is likely to emerge, increasing the risk of exploitation.

Threat Intelligence

Exploit Status

Proof of Concept: Unknown
CISA KEV: No
Internet Exposure: High

EPSS

0.26% (49% percentile)

CISA SSVC

Exploitation: none
Automatable: no
Technical Impact: total

CVSS Vector

CVSS 3.1 vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (base score 8.8, HIGH)

Attack Vector: Network (how the attacker reaches the target)
Attack Complexity: Low (conditions required to exploit)
Privileges Required: Low (authentication level needed to attack)
User Interaction: None (whether a victim must take action)
Scope: Unchanged (impact beyond the vulnerable component)
Confidentiality: High (risk of sensitive data exposure)
Integrity: High (risk of unauthorized data modification)
Availability: High (risk of service disruption)

Source: nextguardhq.com (CVSS v3.1 base score)
What do these metrics mean?
Attack Vector
Network — remotely exploitable over the internet. No physical or local access required. Widest attack surface.
Attack Complexity
Low — no special conditions required. Attacker can exploit reliably without depending on rare configurations or timing.
Privileges Required
Low — any valid user account is sufficient. Basic authenticated access required.
User Interaction
None — attack is automatic and silent. Victim does nothing: no click, no file open.
Scope
Unchanged — impact is limited to the vulnerable component itself.
Confidentiality
High — complete confidentiality loss. Attacker can read all data: credentials, keys, personal data.
Integrity
High — attacker can write, modify, or delete any data: databases, config files, or code.
Availability
High — complete crash or resource exhaustion. Full denial of service.

Affected Software

Component: my-tickets
Vendor: joedolson
Affected range: 0 – 2.0.16
Fixed in: 2.0.17

Package Information

Active installs: 700 (niche)
Plugin rating: 4.9
Requires WordPress: 6.4+
Compatible up to: 7.0
Requires PHP: 7.4+

Weakness Classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. Modified
  4. EPSS updated

Mitigation and Workarounds

The primary mitigation for CVE-2025-3761 is to immediately update the My Tickets – Accessible Event Ticketing plugin to version 2.0.17 or later. If an immediate upgrade is not feasible due to compatibility issues or testing requirements, consider restricting access to the mtsaveprofile() function within the plugin. While not a complete fix, this can limit the attacker's ability to modify roles. Review WordPress user roles and permissions to ensure that no unauthorized users hold elevated privileges. After upgrading, verify the fix by logging in as a subscriber and attempting to change your own role to administrator; the action should be denied.
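The following is an added example, not code from the My Tickets plugin or its author, and it does not reproduce the plugin's mtsaveprofile() function. It shows the general bug class behind a WordPress privilege escalation of this kind (a profile-save handler that applies a role name taken from the request without an authorization check), the hardened form of the same handler, and a detection hook an operator can drop into wp-content/mu-plugins/ to log any promotion to administrator regardless of plugin version. All function names prefixed example_ and the file path are hypothetical; the WordPress APIs used (wp_verify_nonce, current_user_can, wp_roles, WP_User::set_role, the set_user_role action) are real.

```php
<?php
/**
 * Plugin Name: Role-change guard (added example, not part of My Tickets)
 * Description: Illustrates the vulnerable vs. hardened profile-save pattern
 *              and logs role escalations to administrator for detection.
 * Install as wp-content/mu-plugins/role-change-guard.php (hypothetical path).
 */

// --- Pattern A: the bug class (illustrative only, NOT the plugin's real code) ---
// The handler trusts a role name from the request and applies it to the
// current user without checking that the caller may change roles at all.
function example_unsafe_save_profile() {
    $user_id = get_current_user_id();
    if ( isset( $_POST['role'] ) ) {
        $user = get_userdata( $user_id );
        $user->set_role( sanitize_key( $_POST['role'] ) ); // any role, any caller
    }
}

// --- Pattern B: hardened form of the same handler ---
function example_safe_save_profile() {
    if ( ! is_user_logged_in() ) {
        return;
    }
    // 1. CSRF: the form must carry a nonce tied to this specific action.
    if ( ! isset( $_POST['_wpnonce'] )
        || ! wp_verify_nonce( $_POST['_wpnonce'], 'example_save_profile' ) ) {
        wp_die( 'Invalid request.', 403 );
    }
    if ( ! isset( $_POST['role'] ) ) {
        return; // nothing role-related to do; save other profile fields here
    }
    $requested = sanitize_key( wp_unslash( $_POST['role'] ) );
    // 2. Authorization: only a caller with promote_users may change a role,
    //    and only to a role that actually exists on this site.
    if ( ! current_user_can( 'promote_users' )
        || ! array_key_exists( $requested, wp_roles()->roles ) ) {
        wp_die( 'You are not allowed to change roles.', 403 );
    }
    $user = get_userdata( get_current_user_id() );
    $user->set_role( $requested );
}

// --- Detection: log every promotion to administrator, whoever performs it ---
// The set_user_role action fires after WP_User::set_role() with
// ( user id, new role, old roles ). A new administrator whose acting user
// lacks promote_users is the alert condition.
add_action( 'set_user_role', 'example_log_role_escalation', 10, 3 );
function example_log_role_escalation( $user_id, $new_role, $old_roles ) {
    if ( 'administrator' !== $new_role ) {
        return;
    }
    $actor = wp_get_current_user();
    $line  = sprintf(
        'ROLE-ESCALATION user_id=%d old_roles=%s new_role=%s actor_id=%d actor_can_promote=%s ip=%s',
        $user_id,
        implode( ',', (array) $old_roles ),
        $new_role,
        $actor->ID,
        $actor->has_cap( 'promote_users' ) ? 'yes' : 'no',
        isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'cli'
    );
    error_log( $line ); // ship to your SIEM and alert on actor_can_promote=no
}
```

For the role review the advisory recommends, the current administrator set can be listed from the shell with WP-CLI (`wp user list --role=administrator --fields=ID,user_login,user_email,user_registered`) and compared against the expected list; any account that is not recognised, or whose ROLE-ESCALATION log line shows actor_can_promote=no, should be treated as a sign of compromise rather than just demoted.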

How to fix

Update the My Tickets – Accessible Event Ticketing plugin to version 2.0.17 or later to mitigate the privilege escalation vulnerability. This update corrects how user roles are handled, preventing low-privileged users from upgrading their roles to administrator.


Frequently asked questions

What is CVE-2025-3761 — Privilege Escalation in My Tickets WordPress Plugin?

CVE-2025-3761 is a vulnerability in the My Tickets plugin for WordPress allowing authenticated subscribers to escalate to administrator roles, gaining full control of the site.

Am I affected by CVE-2025-3761 in My Tickets WordPress Plugin?

You are affected if you are using My Tickets plugin versions 0 through 2.0.16. Upgrade immediately to mitigate the risk.

How do I fix CVE-2025-3761 in My Tickets WordPress Plugin?

Upgrade the My Tickets plugin to version 2.0.17 or later. If immediate upgrade is not possible, restrict access to the mtsaveprofile() function.

Is CVE-2025-3761 being actively exploited?

There is currently no confirmed active exploitation, but the ease of exploitation makes it a potential target.

Where can I find the official My Tickets advisory for CVE-2025-3761?

Refer to the official My Tickets plugin website or WordPress plugin repository for the latest advisory and update information.
