45 matches found
CVE-2026-56059
Subscriber Arbitrary File Upload in Travel Booking = 2.2.5 versions...
EUVD-2026-39713
Subscriber Arbitrary File Upload in Travel Booking = 2.2.5 versions...
CVE-2026-56059 WordPress Travel Booking theme <= 2.2.5 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in Travel Booking = 2.2.5 versions...
CVE-2026-56059
The CVE-2026-56059 entry concerns the WordPress Travel Booking theme version up to 2.2.5, which is affected by an arbitrary file upload vulnerability in Subscriber context. The linked sources (NVD/CVE records) confirm the affected product and version range and classify the severity as critical wi...
CVE-2026-32486
Missing Authorization vulnerability in wptravelengine Travel Booking travel-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Booking: from n/a through = 1.3.9...
EUVD-2026-12025
Missing Authorization vulnerability in wptravelengine Travel Booking travel-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Booking: from n/a through = 1.3.9...
CVE-2026-32486
Missing Authorization vulnerability in wptravelengine Travel Booking travel-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Booking: from n/a through = 1.3.9...
CVE-2026-32486 WordPress Travel Booking theme <= 1.3.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in wptravelengine Travel Booking travel-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Booking: from n/a through = 1.3.9...
CVE-2026-32486 WordPress Travel Booking theme <= 1.3.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in wptravelengine Travel Booking travel-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Booking: from n/a through = 1.3.9...
CVE-2026-32486
CVE-2026-32486 affects the WordPress Travel Booking theme (Travel Booking, plugin-like component) with versions up to and including 1.3.9. The vulnerability is described as a Missing Authorization / Broken Access Control issue caused by incorrectly configured access control security levels in the...
CVE-2026-32486
Missing Authorization vulnerability in wptravelengine Travel Booking travel-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Booking: from n/a through = 1.3.9...
PT-2026-25307
Missing Authorization vulnerability in wptravelengine Travel Booking travel-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Booking: from n/a through = 1.3.9...
WordPress plugin Travel Booking 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
A2A-POC
A2A Travel Agency Multi-Agent System A Proof of Concept demon...
CVE-2019-7554
An issue was discovered in PHP Scripts Mall API Based Travel Booking 3.4.7. There is Reflected XSS via the flight-results.php d2 parameter...
EUVD-2019-17093
Malware in sbrugna...
EUVD-2024-34358
Malicious code in bioql PyPI...
PT-2025-1739 · WordPress · Wp Travel
Name of the Vulnerable Software and Affected Versions: WP Travel – Ultimate Travel Booking System, Tour Management Engine plugin for WordPress versions prior to 10.0.1 Description: The issue is related to SQL Injection via the booking itinerary parameter of the wptravel get booking data function...
WordPress plugin Travel Booking SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...
PT-2024-17349 · WordPress · The Travel Booking Wordpress Theme
Name of the Vulnerable Software and Affected Versions: Travel Booking WordPress Theme versions up to, and including, 3.1.6 Description: The issue allows authenticated attackers with Subscriber-level access and above to modify data without permission due to a missing capability check on several...