3 matches found
CVE-2025-62063
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Travel WP Travel Gutenberg Blocks wp-travel-blocks.This issue affects WP Travel Gutenberg Blocks: from n/a through = 3.9.2...
CVE-2025-53207 WordPress WP Travel Gutenberg Blocks plugin <= 3.9.0 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Travel WP Travel Gutenberg Blocks wp-travel-blocks allows PHP Local File Inclusion.This issue affects WP Travel Gutenberg Blocks: from n/a through = 3.9.0...
CVE-2025-53207
CVE-2025-53207 is a confirmed Local File Inclusion vulnerability in the WordPress plugin WP Travel Gutenberg Blocks (affected: versions up to 3.9.0). The root cause is improper control of the filename used in PHP include/require statements, enabling LFI and potentially local file exposure. CVSS v...