CVE-2024-9575

HIGH

Pretix Widget <1.0.6 - Local File Inclusion

Title source: llm

Description

Local File Inclusion vulnerability in pretix Widget WordPress plugin pretix-widget on Windows allows PHP Local File Inclusion. This issue affects pretix Widget WordPress plugin: from 1.0.0 through 1.0.5.

References (2)

Core 2

Core References

Various Sources vendor-advisory

https://pretix.eu/about/en/blog/20241009-wordpress-plugin-1-0-6/

Third Party Advisory vdb-entry

https://patchstack.com/database/vulnerability/pretix-widget/wordpress-pretix-widget-plugin-1-0-5-local-file-inclusion-vulnerability?_s_id=cve

Scores

CVSS v4 8.5

EPSS 0.0050

EPSS Percentile 38.7%

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/RE:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-22 CWE-73

Status published

Products (2)

rami.io GmbH/pretix Widget WordPress plugin 1.0.0 - 1.0.5

rami.io GmbH/pretix Widget WordPress plugin 1.0.6

Published Oct 09, 2024

Tracked Since Feb 18, 2026