All 2 CVE vulnerabilities found in WP Travel – Ultimate Travel Booking System, Tour Management Engine, with AI-generated Chinese analysis, references, and POCs.
Vendor: wptravel
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-12067 | WP Travel – Ultimate Travel Booking System, Tour Management Engine <= 10.0.0 - Authenticated (Subscriber+) SQL Injection CWE-89 | 6.5 | Medium | 2025-01-09 |
| CVE-2021-4389 | WP Travel <= 4.4.6 - Cross-Site Request Forgery Bypass CWE-352 | 4.3 | Medium | 2023-07-01 |
All 2 known CVE vulnerabilities affecting WP Travel – Ultimate Travel Booking System, Tour Management Engine with full Chinese analysis, references, and POCs where available.