| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-2437 | WP Travel Engine - Travel and Tour Booking Plugin <= 6.7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via wte_trip_tax Shortcode | wptravelengine | WP Travel Engine – Tour Booking Plugin – Tour Operator Software | Medium | 6.4 | 2026-04-04 08:25:19 | Deep Dive |
| CVE-2026-1806 | Tour & Activity Operator Plugin for TourCMS <= 1.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes | tourcms | Tour & Activity Operator Plugin for TourCMS | Medium | 6.4 | 2026-03-21 03:26:47 | Deep Dive |
| CVE-2025-7634 | WP Travel Engine – Tour Booking Plugin – Tour Operator Software <= 6.6.7 - Unauthenticated Local File Inclusion | wptravelengine | WP Travel Engine – Tour Booking Plugin – Tour Operator Software | Critical | 9.8 | 2025-10-09 05:23:53 | Deep Dive |
| CVE-2025-7526 | WP Travel Engine – Tour Booking Plugin – Tour Operator Software <= 6.6.7 - Authenticated (Subscriber+) Arbitrary File Deletion via File Renaming | wptravelengine | WP Travel Engine – Tour Booking Plugin – Tour Operator Software | Critical | 9.8 | 2025-10-09 05:23:52 | Deep Dive |
| CVE-2025-5282 | WP Travel Engine <= 6.5.1 - Missing Authorization to Unauthenticated Arbitrary Post Deletion | wptravelengine | WP Travel Engine – Tour Booking Plugin – Tour Operator Software | High | 7.5 | 2025-06-13 03:41:45 | Deep Dive |
| CVE-2024-10606 | WP Travel Engine <= 6.2.1 - Missing Authorization to Authenticated (Contributor+) Plugin Settings Update | wptravelengine | WP Travel Engine – Tour Booking Plugin – Tour Operator Software | Medium | 4.3 | 2024-11-23 04:32:22 | Deep Dive |
| CVE-2024-9851 | LSX Tour Operator <= 1.4.9 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | feedmymedia | Tour Operator | Medium | 6.4 | 2024-11-21 02:06:20 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |