2 matches found
PT-2025-24236 · WordPress · Wp Travel Engine
Name of the Vulnerable Software and Affected Versions: WP Travel Engine versions through 6.5.1 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion'. This allows PHP Local File Inclusion...
WordPress WP Travel Engine Plugin < 5.7.5 is vulnerable to Cross Site Scripting (XSS)
Software WP Travel Engine Type Plugin Vulnerable versions 5.7.5 Fixed in 5.7.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 801294ac323a Credits Rafie Muhammad Patchstack Require...