| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-0434 | WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly <= 1.7.1 - Missing Authorization via ttbm_new_place_save | magepeopleteam | Travelly – Tour & Travel Booking Manager for WooCommerce | Tour & Hotel Booking Solution | Medium | 5.3 | 2024-05-29 03:30:59 | Deep Dive |
| CVE-2024-33941 | WordPress iPanorama 360 plugin <= 1.8.1 - Broken Access Control vulnerability | Avirtum | iPanorama 360 WordPress Virtual Tour Builder | Medium | 5.3 | 2024-05-03 07:26:32 | Deep Dive |
| CVE-2023-5336 | iPanorama 360 – WordPress Virtual Tour Builder <= 1.8.0 - Authenticated (Contributor+) SQL Injection via Shortcode | avirtum | iPanorama 360 – Advanced Virtual Tour Builder | High | 8.8 | 2023-10-19 01:53:49 | Deep Dive |
| CVE-2021-4389 | WP Travel <= 4.4.6 - Cross-Site Request Forgery Bypass | wptravel | WP Travel – Ultimate Travel Booking System, Tour Management Engine | Medium | 4.3 | 2023-07-01 04:26:48 | Deep Dive |
| CVE-2023-25708 | WordPress WP VR – 360 Panorama and Virtual Tour Builder For WordPress Plugin <= 8.2.7 is vulnerable to Cross Site Request Forgery (CSRF) | Rextheme | WP VR – 360 Panorama and Virtual Tour Builder For WordPress | Medium | 4.3 | 2023-03-15 10:30:25 | Deep Dive |
| CVE-2022-4392 | iPanorama 360 WordPress Virtual Tour Builder <= 1.6.29 - Contributor+ Stored XSS | Unknown | iPanorama 360 WordPress Virtual Tour Builder | 中危 | - | 2023-01-09 22:13:29 | Deep Dive |
| CVE-2021-24680 | WP Travel Engine < 5.3.1 - Editor+ Stored Cross-Site Scripting | Unknown | WP Travel Engine – Travel and Tour Booking Plugin | 中危 | - | 2022-01-03 12:49:02 | Deep Dive |