2 matches found
CVE-2025-59012 WordPress Traveler theme < 3.2.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in shinetheme Traveler traveler allows Reflected XSS.This issue affects Traveler: from n/a through 3.2.3...
CVE-2024-12811
The CVE CVE-2024-12811 affects the Traveler WordPress theme (versions up to 3.1.8). It describes an authenticated Local File Inclusion via the hotel_alone_slider shortcode’s style attribute, enabling an attacker with contributor+ permissions to include arbitrary server files and execute PHP code....