diff --git a/htdocs/public/eventorganization/attendee_subscription.php b/htdocs/public/eventorganization/attendee_subscription.php
index bb2de7a590c..03fa023ad11 100644
--- a/htdocs/public/eventorganization/attendee_subscription.php
+++ b/htdocs/public/eventorganization/attendee_subscription.php
@@ -349,7 +349,7 @@ if (empty($reshook) && $action == 'add') {
 // No price has been set
 // Validating the subscription
 $confattendee->setStatut(1);
- $redirection = $dolibarr_main_url_root.'/public/eventorganization/subscriptionok.php';
+ $redirection = $dolibarr_main_url_root.'/public/eventorganization/subscriptionok.php?idthirdparty='.dol_encode($thirdparty->id, $dolibarr_main_instance_unique_id).'&securekey='.dol_encode($conf->global->EVENTORGANIZATION_SECUREKEY, $dolibarr_main_instance_unique_id);
 Header("Location: ".$redirection);
 exit;
 }
diff --git a/htdocs/public/eventorganization/subscriptionok.php b/htdocs/public/eventorganization/subscriptionok.php
index c12c1053e97..e51358f907d 100644
--- a/htdocs/public/eventorganization/subscriptionok.php
+++ b/htdocs/public/eventorganization/subscriptionok.php
@@ -56,12 +56,29 @@ if (!empty($conf->paypal->enabled)) {
 require_once DOL_DOCUMENT_ROOT.'/paypal/lib/paypalfunctions.lib.php';
 }
+global $dolibarr_main_instance_unique_id, $dolibarr_main_url_root, $mysoc;
+
 $langs->loadLangs(array("main", "companies", "install", "other", "eventorganization"));
 $object = new stdClass(); // For triggers
 $error = 0;
+// Security check
+$securekey = dol_decode(GETPOST('securekey'), $dolibarr_main_instance_unique_id);
+if ($securekey != $conf->global->EVENTORGANIZATION_SECUREKEY) {
+ print $langs->trans('MissingOrBadSecureKey');
+ exit;
+}
+
+$idthirdparty = dol_decode(GETPOST('idthirdparty'), $dolibarr_main_instance_unique_id);
+
+$thirdparty = new Societe($db);
+$resthirdparty = $thirdparty->fetch($idthirdparty);
+if ($resthirdparty<0) {
+ $error++;
+ $errmsg .= $thirdparty->error;
+}
 /*
 * Actions
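Review bot: The new `$redirection` line in attendee_subscription.php places the module-wide `EVENTORGANIZATION_SECUREKEY` in a URL that is handed to an anonymous visitor's browser, wrapped only in `dol_encode()`, which as far as I can tell is a reversible encoding rather than a keyed hash. The same value is issued to every attendee and is not bound to `idthirdparty`, so it ends up in browser history and in proxy and server logs, and a single valid value is accepted for any third-party id. I would send a token derived from the id instead, for example `'&securekey='.hash_hmac('sha256', (string) $thirdparty->id, $conf->global->EVENTORGANIZATION_SECUREKEY)`, and have subscriptionok.php recompute and compare it. Both query values should also go through `urlencode()`, because base64 output can contain `+`, `/` and `=`, and a `+` is read back as a space. The enclosing `if` block starts outside the hunk.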
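Review bot: The security check added to subscriptionok.php appears to fail open when `EVENTORGANIZATION_SECUREKEY` is not configured, because a missing `securekey` parameter presumably decodes to an empty string and `'' != null` is false in PHP, so the page carries on. The comparison is also loose and not constant-time; I would write the guard as `if (empty($conf->global->EVENTORGANIZATION_SECUREKEY) || !hash_equals((string) $conf->global->EVENTORGANIZATION_SECUREKEY, (string) $securekey)) {`. Separately, `$idthirdparty` comes straight from the request and is passed to `fetch()` uncast, and only `$resthirdparty<0` is handled, so a not-found result (if `fetch()` returns 0 for that, which I cannot confirm from the hunk) goes unnoticed; `$thirdparty->fetch((int) $idthirdparty)` with a `<= 0` test would cover it. `$errmsg .=` appends to a variable that is not initialised anywhere in the hunk, so it would need an `$errmsg = '';` beforehand unless that exists further down the file.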
@@ -153,4 +170,4 @@ unset($_SESSION["TRANSACTIONID"]);
 llxFooter('', 'public');
-$db->close();
\ No newline at end of file
+$db->close();