WPTravel 厂商相关 3 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。
| CVE ID | タイトル | CVSS | 深刻度 | 公開日 |
|---|---|---|---|---|
| CVE-2026-4290 | WP Travel Pro <= 10.6.0 - Missing Authorization to Unauthenticated Arbitrary User Deletion Including Administrators — WP Travel ProCWE-862 | 9.1 | Critical | 2026-05-29 |
| CVE-2024-12067 | WP Travel – Ultimate Travel Booking System, Tour Management Engine <= 10.0.0 - Authenticated (Subscriber+) SQL Injection — WP Travel – Ultimate Travel Booking System, Tour Management EngineCWE-89 | 6.5 | Medium | 2025-01-09 |
| CVE-2021-4389 | WP Travel <= 4.4.6 - Cross-Site Request Forgery Bypass — WP Travel – Ultimate Travel Booking System, Tour Management EngineCWE-352 | 4.3 | Medium | 2023-07-01 |
本页汇总了 WPTravel 厂商截至目前公开的全部 3 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。