Platform: wordpress
Component: event-tickets-with-ticket-scanner
Fixed in: 2.8.6
CVE-2025-68015 describes a Remote Code Execution (RCE) vulnerability within the Event Tickets with Ticket Scanner WordPress plugin. This flaw allows attackers to inject arbitrary code, potentially leading to complete system compromise. The vulnerability impacts versions from 0.0.0 through 2.8.5, and a patch is available in version 2.8.6.
The impact of this RCE vulnerability is severe. An attacker who successfully exploits this flaw can execute arbitrary code on the affected WordPress server with the privileges of the web server user. This could lead to complete compromise of the server, including data theft, modification, or deletion. Attackers could also use the compromised server as a launchpad for further attacks against other systems on the network. The ability to inject code directly opens the door to a wide range of malicious activities, including installing backdoors, injecting malware, and defacing the website.
CVE-2025-68015 is currently not listed on the CISA KEV catalog. Public proof-of-concept (POC) code is not yet available, but the RCE nature of the vulnerability suggests a high probability of exploitation once a POC is released. The vulnerability was publicly disclosed on 2026-01-22.
Exploit Status
EPSS: 0.07% (21% percentile)
The primary mitigation for CVE-2025-68015 is to immediately upgrade the Event Tickets with Ticket Scanner plugin to version 2.8.6 or later. If upgrading is not immediately feasible due to compatibility issues or testing requirements, consider temporarily disabling the plugin. While a direct WAF rule is difficult to implement for code injection, strict input validation and output encoding within the plugin's codebase (if possible) can offer some limited protection. Monitor WordPress logs for suspicious activity, particularly attempts to execute unusual commands or access sensitive files.
Update to version 2.8.6, or a newer patched version
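To check installations against the affected range above, the following added example (not code from the plugin or from this advisory) reads the plugin's header version from disk and compares it with 2.8.6. It assumes the default `wp-content/plugins/<slug>/` layout; the function names are illustrative.

```python
import re
import sys
from pathlib import Path

SLUG = "event-tickets-with-ticket-scanner"  # component named in the advisory
FIXED = (2, 8, 6)                            # first patched release per the advisory

# WordPress reads plugin metadata from a header comment in a top-level PHP file.
HEADER = re.compile(
    r"^[ \t/*#@]*(Plugin Name|Version):[ \t]*(.+?)[ \t\r]*$", re.M | re.I
)


def parse_version(text):
    """'2.8.5' or '2.8.5-beta' -> (2, 8, 5); None when no digits are present."""
    nums = re.findall(r"\d+", text.split("-")[0])
    return tuple(int(n) for n in nums) if nums else None


def installed_version(wp_root):
    """Header version string, '' if no header was found, None if not installed."""
    # Assumption: default layout (wp-content not relocated via WP_CONTENT_DIR).
    plugin_dir = Path(wp_root) / "wp-content" / "plugins" / SLUG
    if not plugin_dir.is_dir():
        return None
    for php in sorted(plugin_dir.glob("*.php")):
        # WordPress only inspects roughly the first 8 KB of a file for headers.
        head = php.read_text(encoding="utf-8", errors="replace")[:8192]
        fields = {k.lower(): v for k, v in HEADER.findall(head)}
        if "plugin name" in fields and "version" in fields:
            return fields["version"]
    return ""


def assess(wp_root):
    """Return (status, raw_version) for one WordPress document root."""
    raw = installed_version(wp_root)
    if raw is None:
        return "not-installed", None
    ver = parse_version(raw)
    if ver is None:
        return "unknown", raw
    # Tuple comparison is numeric, so 2.10.0 sorts after 2.8.6.
    return ("patched" if ver >= FIXED else "vulnerable"), raw


if __name__ == "__main__":
    for root in sys.argv[1:]:
        status, raw = assess(root)
        print(f"{root}: {status} (version header: {raw or 'n/a'})")
```

Pass one or more WordPress document roots as arguments; an "unknown" result means the plugin directory exists but no readable version header was found and should be inspected by hand.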
CVE-2025-68015 is a critical Remote Code Execution vulnerability in the Event Tickets with Ticket Scanner WordPress plugin, allowing attackers to execute arbitrary code.
You are affected if you are using Event Tickets with Ticket Scanner versions 0.0.0 through 2.8.5. Check your plugin version and upgrade immediately.
Upgrade the Event Tickets with Ticket Scanner plugin to version 2.8.6 or later to resolve the vulnerability. If immediate upgrade is not possible, disable the plugin.
While no active exploitation has been confirmed, the RCE nature of the vulnerability suggests a high probability of exploitation once a proof-of-concept is released.
Refer to the official Event Tickets with Ticket Scanner website or WordPress plugin repository for the latest advisory and update information.