Product
wptravelengine wp travel engine
9 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-5282
CVE-2025-30870
CVE-2025-30871
CVE-2024-10606
CVE-2024-37944
CVE-2024-32798
CVE-2024-30504
CVE-2024-30502
CVE-2021-24680
< 6.5.2
The WP Travel Engine - Tour Booking Plugin - Tour Operator Software plugin for WordPress is vulnerable to unauthorized loss of dat
< 6.3.6
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Travel
< 6.3.6
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Travel
< 6.2.2
The WP Travel Engine - Tour Booking Plugin - Tour Operator Software plugin for WordPress is vulnerable to unauthorized modificatio
< 5.9.2
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Travel Engine allo
< 5.8.1
Missing Authorization vulnerability in WP Travel Engine.This issue affects WP Travel Engine: from n/a through 5.8.0.
< 5.8.0
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Travel Engine.This issue
< 5.8.0
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Travel Engine.This issue
< 5.3.1
The WP Travel Engine WordPress plugin before 5.3.1 does not escape the Description field in the Trip Destination/Activities/Trip T