Lucene search
K

33 matches found

CVE
CVE
added 2026/03/18 1:12 p.m.14 views

CVE-2026-25449

CVE-2026-25449 : The WordPress Traveler theme (Shinetheme Traveler) is affected prior to version 3.2.8.1 by a PHP object injection vulnerability caused by deserialization of untrusted data. The issue affects Traveler components (described as before 3.2.8.1) and is rated critical (CVSS 3.1 base sc...

9.8CVSS5.9AI score0.00322EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/18 1:12 p.m.3 views

CVE-2026-25449 WordPress Traveler theme < 3.2.8.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Shinetheme Traveler allows Object Injection.This issue affects Traveler: from n/a before 3.2.8.1...

9.8CVSS5.8AI score0.00322EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/18 1:12 p.m.32 views

CVE-2026-25449 WordPress Traveler theme < 3.2.8.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in shinetheme Traveler traveler allows Object Injection.This issue affects Traveler: from n/a through 3.2.8.1...

9.8CVSS0.00322EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/18 12:0 a.m.8 views

PT-2026-26058

🚨 CVE-2026-25449: WordPress Traveler theme 3.2.8... PHP object injection in WordPress Traveler theme with 9.8 CVSS and zero auth requirements - RCE goldmine for mass WordP... https://t.co/VFpIhT0XqE netsec vulnerability CVE sysadmin zeroday...

9.8CVSS5.8AI score0.00322EPSS
Exploits0References7
Patchstack
Patchstack
added 2026/01/22 8:35 p.m.7 views

WordPress Traveler theme < 3.2.8 - SQL Injection vulnerability

SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Traveler versions 3.2.8...

8.8CVSS5.8AI score0.00209EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/22 4:52 p.m.3 views

CVE-2026-24367 WordPress Traveler theme < 3.2.8 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in shinetheme Traveler traveler allows Blind SQL Injection.This issue affects Traveler: from n/a through 3.2.8...

8.5CVSS5.6AI score0.00209EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 4:52 p.m.9 views

CVE-2026-24367

CVE-2026-24367 (WordPress Traveler theme) is a SQL Injection vulnerability in Traveler that allows blind SQL injection. Affected software: Traveler versions before 3.2.8 (i.e.,

8.5CVSS5.6AI score0.00209EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/08 9:17 a.m.30 views

CVE-2025-67917 WordPress Traveler theme <= 3.2.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in shinetheme Traveler traveler allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Traveler: from n/a through = 3.2.6...

6.5CVSS0.00242EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/08 9:17 a.m.5 views

CVE-2025-67917 WordPress Traveler theme <= 3.2.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in shinetheme Traveler traveler allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Traveler: from n/a through = 3.2.6...

6.5CVSS6.6AI score0.00242EPSS
Exploits0References1
CVE
CVE
added 2026/01/08 9:17 a.m.18 views

CVE-2025-67917

CVE-2025-67917 describes a Missing Authorization vulnerability in Travel Traveler (Travel Booking WordPress Theme), affecting Travel Traveler up to version 3.2.6. The root cause is incorrectly configured access control that could allow unauthorized access to certain resources. Wordfence documenta...

6.5CVSS6.6AI score0.00242EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 7:22 a.m.3 views

CVE-2025-64371 WordPress Traveler theme < 3.2.6 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in shinetheme Traveler traveler allows Blind SQL Injection.This issue affects Traveler: from n/a through 3.2.6...

8.5CVSS7.2AI score0.00211EPSS
Exploits0References1
CVE
CVE
added 2025/12/18 7:22 a.m.13 views

CVE-2025-64371

The CVE-2025-64371 entry concerns the WordPress Traveler theme (Traveler) with a SQL Injection vulnerability in versions prior to 3.2.6. The root cause is improper neutralization of special elements in SQL commands, enabling Blind SQL Injection. Affected product/version: WordPress Traveler theme ...

8.5CVSS7.2AI score0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/09 2:52 p.m.2 views

CVE-2025-63028 WordPress Traveler theme <= 3.2.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in shinetheme Traveler traveler allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Traveler: from n/a through = 3.2.6...

5.3CVSS6.6AI score0.00216EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 2:52 p.m.13 views

CVE-2025-63028

CVE-2025-63028 : WordPress Traveler theme (Traveller)

5.3CVSS6.6AI score0.00216EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/11/06 6:40 p.m.6 views

WordPress Traveler theme < 3.2.6 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Traveler versions 3.2.6...

8.1CVSS7AI score0.00337EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2025/09/26 8:31 a.m.12 views

CVE-2025-59012 WordPress Traveler theme < 3.2.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in shinetheme Traveler traveler allows Reflected XSS.This issue affects Traveler: from n/a through 3.2.3...

7.1CVSS0.00219EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/26 8:31 a.m.0 views

CVE-2025-59012 WordPress Traveler theme < 3.2.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in shinetheme Traveler traveler allows Reflected XSS.This issue affects Traveler: from n/a through 3.2.3...

7.1CVSS5.9AI score0.00219EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/26 8:31 a.m.2 views

CVE-2025-59011 WordPress Traveler Theme < 3.2.3 - Arbitrary Content Deletion Vulnerability

Missing Authorization vulnerability in shinetheme Traveler traveler allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Traveler: from n/a through 3.2.3...

7.5CVSS5.9AI score0.00356EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/26 8:31 a.m.10 views

CVE-2025-59011 WordPress Traveler Theme < 3.2.3 - Arbitrary Content Deletion Vulnerability

Missing Authorization vulnerability in shinetheme Traveler traveler allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Traveler: from n/a through 3.2.3...

7.5CVSS0.00356EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/06 4:51 a.m.6 views

WordPress Traveler theme < 3.2.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Traveler versions 3.2.3...

7.1CVSS6.1AI score0.00219EPSS
Exploits0Affected Software1
Rows per page
Query Builder