Does Dream Online Ticket Selling have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Dream Online Ticket Selling compatible with WordPress 6.9.4?

According to WordPress.org data, Dream Online Ticket Selling 1.0.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Dream Online Ticket Selling compatible with PHP 7.4+?

Dream Online Ticket Selling requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Dream Online Ticket Selling updated?

Dream Online Ticket Selling was last updated on Apr 1, 2026. Frequent updates are generally a positive security signal.

What is Dream Online Ticket Selling's security score?

Dream Online Ticket Selling has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Dream Online Ticket Selling Security & Risk Analysis

wordpress.org/plugins/dream-online-ticket-selling

A comprehensive WordPress plugin for selling event tickets online with full admin control and customer management.

0 active installs v1.0.0 PHP 7.4+ WP 6.3+ Updated Apr 1, 2026

compititiondreamonline-ticket-sellingticketticket-selling

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Dream Online Ticket Selling Safe to Use in 2026?

Generally Safe

Score 100/100

Dream Online Ticket Selling has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "dream-online-ticket-selling" plugin version 1.0.0 demonstrates a generally good security posture, with strong adherence to best practices in most areas. The code extensively uses prepared statements for SQL queries, and the vast majority of output is properly escaped, significantly mitigating risks of SQL injection and cross-site scripting (XSS). The plugin also incorporates a substantial number of nonce and capability checks, indicating an effort to protect its functionality. Its vulnerability history is clean, with no recorded CVEs, which is a positive indicator.

However, there are notable areas of concern. The presence of 2 AJAX handlers without authentication checks represents a direct attack vector. Furthermore, the taint analysis reveals one flow with a high severity, suggesting a potential vulnerability that could be exploited if not addressed. While the overall implementation is robust, these specific weaknesses, particularly the unprotected entry points and the high-severity taint flow, introduce tangible risks that require immediate attention to ensure the plugin's secure operation.

Key Concerns

AJAX handlers without auth checks
High severity taint flow

Vulnerabilities

None known

Dream Online Ticket Selling Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Dream Online Ticket Selling Release Timeline

v1.0.0Current

Code Analysis

Analyzed Apr 16, 2026

Dream Online Ticket Selling Code Analysis

Dangerous Functions

Raw SQL Queries

72 prepared

Unescaped Output

990 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared72 total queries

Output Escaping

99% escaped996 total outputs

Data Flows · Security

3 unsanitized

Data Flow Analysis

9 flows3 with unsanitized paths

template_redirect (includes/class-dots-frontend.php:106)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Dream Online Ticket Selling Attack Surface

Entry Points23

Unprotected2

AJAX Handlers 20

authwp_ajax_dots_save_eventincludes/class-dots-ajax.php:14

authwp_ajax_dots_delete_eventincludes/class-dots-ajax.php:15

authwp_ajax_dots_duplicate_eventincludes/class-dots-ajax.php:16

authwp_ajax_dots_toggle_event_statusincludes/class-dots-ajax.php:17

authwp_ajax_dots_save_custom_fieldincludes/class-dots-ajax.php:18

authwp_ajax_dots_delete_custom_fieldincludes/class-dots-ajax.php:19

authwp_ajax_dots_update_field_orderincludes/class-dots-ajax.php:20

authwp_ajax_dots_export_customersincludes/class-dots-ajax.php:21

authwp_ajax_dots_process_purchaseincludes/class-dots-ajax.php:24

noprivwp_ajax_dots_process_purchaseincludes/class-dots-ajax.php:25

authwp_ajax_dots_apply_promoincludes/class-dots-ajax.php:26

noprivwp_ajax_dots_apply_promoincludes/class-dots-ajax.php:27

authwp_ajax_dots_save_promo_codeincludes/class-dots-ajax.php:28

authwp_ajax_dots_delete_promo_codeincludes/class-dots-ajax.php:29

authwp_ajax_dots_create_paymentincludes/class-dots-payment.php:13

noprivwp_ajax_dots_create_paymentincludes/class-dots-payment.php:14

authwp_ajax_dots_verify_paymentincludes/class-dots-payment.php:15

noprivwp_ajax_dots_verify_paymentincludes/class-dots-payment.php:16

authwp_ajax_dots_sslcommerz_callbackincludes/class-dots-payment.php:17

noprivwp_ajax_dots_sslcommerz_callbackincludes/class-dots-payment.php:18

Shortcodes 3

[dream_tickets_list] includes/class-dots-frontend.php:14

[dream_ticket_form] includes/class-dots-frontend.php:15

[dream_tickets_test] includes/class-dots-frontend.php:16

WordPress Hooks 8

actionplugins_loadeddream-online-ticket-selling.php:57

actionadmin_menuincludes/class-dots-admin.php:13

actionadmin_enqueue_scriptsincludes/class-dots-admin.php:14

actionadmin_initincludes/class-dots-admin.php:15

actionwp_enqueue_scriptsincludes/class-dots-frontend.php:13

actioninitincludes/class-dots-frontend.php:17

filterquery_varsincludes/class-dots-frontend.php:18

actiontemplate_redirectincludes/class-dots-frontend.php:19

Maintenance & Trust

Dream Online Ticket Selling Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedApr 1, 2026

PHP min version7.4

Downloads38

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Dream Online Ticket Selling Alternatives

Event Tickets and Registration

event-tickets

Event Tickets allows your visitors to RSVP and buy tickets to events on your site. Also works seamlessly with The Events Calendar.

90K 12 CVEs

Events Manager – Calendar, Bookings, Tickets, and more!

events-manager

Events calendar with bookings, scheduling, appointments, event registration, tickets, recurring events, and venue management.

70K 34 CVEs

DreamHost Automated Migration

dreamhost-automated-migration

100

Effortlessly migrate your WordPress site to DreamHost with a fast, automated process.

20K No CVEs

WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce

wp-event-manager

Lightweight, scalable and full-featured event listings & management plugin for managing events & tickets from the Frontend and Backend.

20K 11 CVEs

Fluent Support – Helpdesk & Customer Support Ticket System

fluent-support

Feature Rich and Super Fast Support and Customer Ticketing System for WordPress.

10K 7 CVEs

Developer Profile

Dream Online Ticket Selling Developer Profile

Dream Carnival

3 plugins · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Dream Online Ticket Selling

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/dream-online-ticket-selling/assets/css/admin.css/wp-content/plugins/dream-online-ticket-selling/assets/js/admin.js/wp-content/plugins/dream-online-ticket-selling/assets/css/frontend.css/wp-content/plugins/dream-online-ticket-selling/assets/js/frontend.js/wp-content/plugins/dream-online-ticket-selling/assets/js/payment.js

Script Paths

/wp-content/plugins/dream-online-ticket-selling/assets/js/admin.js/wp-content/plugins/dream-online-ticket-selling/assets/js/frontend.js/wp-content/plugins/dream-online-ticket-selling/assets/js/payment.js

Version Parameters

dream-online-ticket-selling/assets/css/admin.css?ver=dream-online-ticket-selling/assets/js/admin.js?ver=dream-online-ticket-selling/assets/css/frontend.css?ver=dream-online-ticket-selling/assets/js/frontend.js?ver=dream-online-ticket-selling/assets/js/payment.js?ver=

HTML / DOM Fingerprints

CSS Classes

dots-admin-wrapdots-frontend-wrapdots-ticket-formdots-event-detailsdots-payment-formdots-promo-code-input

Data Attributes

data-dots-ajax-urldata-dots-noncedata-dots-currency-symboldata-dots-confirm-deletedata-dots-savingdata-dots-saved+3 more

JS Globals

dotsAdmindotsFrontenddotsPayment

REST Endpoints

/wp-json/dream-tickets/v1/events/wp-json/dream-tickets/v1/forms/wp-json/dream-tickets/v1/sales/wp-json/dream-tickets/v1/promo-codes/wp-json/dream-tickets/v1/settings

Shortcode Output

[dream_tickets_form][dream_tickets_events][dream_tickets_sales]

FAQ