55 matches found
CVE-2026-25449
Deserialization of Untrusted Data vulnerability in shinetheme Traveler traveler allows Object Injection.This issue affects Traveler: from n/a through 3.2.8.1...
EUVD-2026-12821
Deserialization of Untrusted Data vulnerability in Shinetheme Traveler allows Object Injection.This issue affects Traveler: from n/a before 3.2.8.1...
CVE-2026-25449
Deserialization of Untrusted Data vulnerability in shinetheme Traveler traveler allows Object Injection.This issue affects Traveler: from n/a through 3.2.8.1...
CVE-2026-25449
CVE-2026-25449 : The WordPress Traveler theme (Shinetheme Traveler) is affected prior to version 3.2.8.1 by a PHP object injection vulnerability caused by deserialization of untrusted data. The issue affects Traveler components (described as before 3.2.8.1) and is rated critical (CVSS 3.1 base sc...
CVE-2026-25449
Deserialization of Untrusted Data vulnerability in Shinetheme Traveler allows Object Injection.This issue affects Traveler: from n/a before 3.2.8.1...
CVE-2026-24367
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in shinetheme Traveler traveler allows Blind SQL Injection.This issue affects Traveler: from n/a through 3.2.8...
CVE-2026-24367
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in shinetheme Traveler traveler allows Blind SQL Injection.This issue affects Traveler: from n/a through 3.2.8...
PT-2026-4259
Name of the Vulnerable Software and Affected Versions shinetheme Traveler versions prior to 3.2.8 Description An issue exists in shinetheme Traveler that allows for Blind SQL Injection due to Improper Neutralization of Special Elements used in an SQL Command. This allows an attacker to potentiall...
CVE-2025-67917
Missing Authorization vulnerability in shinetheme Traveler traveler allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Traveler: from n/a through = 3.2.6...
CVE-2025-67917
Missing Authorization vulnerability in shinetheme Traveler traveler allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Traveler: from n/a through = 3.2.6...
PT-2026-1894
Name of the Vulnerable Software and Affected Versions shinetheme Traveler versions through 3.2.6 Description The software contains a missing authorization issue related to incorrectly configured access control security levels. This allows for potential exploitation of the system. Recommendations...
CVE-2025-64371
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in shinetheme Traveler traveler allows Blind SQL Injection.This issue affects Traveler: from n/a through 3.2.6...
CVE-2025-64371
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in shinetheme Traveler traveler allows Blind SQL Injection.This issue affects Traveler: from n/a through 3.2.6...
CVE-2025-64372
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in shinetheme Traveler traveler allows Reflected XSS.This issue affects Traveler: from n/a through 3.2.6...
CVE-2025-64373
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in shinetheme Traveler traveler allows PHP Local File Inclusion.This issue affects Traveler: from n/a through 3.2.6...
EUVD-2025-204060
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in shinetheme Traveler traveler allows Reflected XSS.This issue affects Traveler: from n/a through 3.2.6...
EUVD-2025-204061
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in shinetheme Traveler traveler allows Blind SQL Injection.This issue affects Traveler: from n/a through 3.2.6...
PT-2025-52185
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in shinetheme Traveler traveler allows Reflected XSS.This issue affects Traveler: from n/a through 3.2.6...
PT-2025-52186
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in shinetheme Traveler traveler allows PHP Local File Inclusion.This issue affects Traveler: from n/a through 3.2.6...
PT-2025-52184
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in shinetheme Traveler traveler allows Blind SQL Injection.This issue affects Traveler: from n/a through 3.2.6...