Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Traveler — Vulnerabilities & Security Advisories 16

All 16 CVE vulnerabilities found in Traveler, with AI-generated Chinese analysis, references, and POCs.

Vendor: shinetheme

CVE IDTitleCVSSSeverityPublished
CVE-2026-21790 HCL Traveler is susceptible to a weak default HTTP header validation vulnerability CWE-346 6.3 Medium2026-03-24
CVE-2026-21783 HCL Traveler is affected by sensitive information disclosure CWE-209 4.3 Medium2026-03-24
CVE-2026-25449 WordPress Traveler theme < 3.2.8.1 - PHP Object Injection vulnerability CWE-502 9.8 Critical2026-03-18
CVE-2026-24367 WordPress Traveler theme < 3.2.8 - SQL Injection vulnerability CWE-89 8.5 High2026-01-22
CVE-2025-67917 WordPress Traveler theme <= 3.2.6 - Broken Access Control vulnerability CWE-862 6.5 Medium2026-01-08
CVE-2025-64373 WordPress Traveler theme < 3.2.6 - Local File Inclusion vulnerability CWE-98 8.1 High2025-12-18
CVE-2025-64372 WordPress Traveler theme < 3.2.6 - Cross Site Scripting (XSS) vulnerability CWE-79 7.1 High2025-12-18
CVE-2025-64371 WordPress Traveler theme < 3.2.6 - SQL Injection vulnerability CWE-89 8.5 High2025-12-18
CVE-2025-63028 WordPress Traveler theme <= 3.2.6 - Broken Access Control vulnerability CWE-862 5.3 Medium2025-12-09
CVE-2025-59012 WordPress Traveler theme < 3.2.3 - Reflected Cross Site Scripting (XSS) vulnerability CWE-79 7.1 High2025-09-26
CVE-2025-59011 WordPress Traveler Theme < 3.2.3 - Arbitrary Content Deletion Vulnerability CWE-862 7.5 High2025-09-26
CVE-2025-52714 WordPress Traveler theme < 3.2.2 - SQL Injection Vulnerability CWE-89 9.3 Critical2025-07-16
CVE-2025-26733 WordPress Traveler theme < 3.2.1 - Broken Access Control vulnerability CWE-862 8.2 High2025-03-27
CVE-2025-26873 WordPress Traveler theme <= 3.1.8 - PHP Object Injection vulnerability CWE-502 9.0 Critical2025-03-27
CVE-2025-26898 WordPress Traveler theme < 3.2.1 - SQL Injection vulnerability CWE-89 9.3 Critical2025-03-27
CVE-2025-26956 WordPress Traveler theme < 3.2.1 - Broken Access Control vulnerability CWE-862 7.6 High2025-03-27

All 16 known CVE vulnerabilities affecting Traveler with full Chinese analysis, references, and POCs where available.