WP Travel Engine
WP Travel Engine
Developer
6.7.8
Latest version
20,000
Installations
No date
Last updated
Vulnerability history
0 present
15 patched
7 Mitigation rules
- Unauthenticated Local File Inclusion vulnerability<= 6.6.708/10/2025
- Authenticated (Subscriber+) Arbitrary File Deletion via File Renaming vulnerability<= 6.6.708/10/2025
- Missing Authorization to Unauthenticated Arbitrary Post Deletion vulnerability<= 6.5.113/06/2025
- Local File Inclusion Vulnerability<= 6.5.105/06/2025
- Local File Inclusion vulnerability<= 6.3.527/03/2025
- Local File Inclusion vulnerability<= 6.3.527/03/2025
- Missing Authorization to Authenticated (Contributor+) Plugin Settings Update vulnerability<= 6.2.122/11/2024
- Cross Site Scripting (XSS) vulnerability<= 5.9.110/07/2024
- Price Manipulation vulnerability<= 5.8.022/04/2024
- SQL Injection vulnerability<= 5.7.928/03/2024
- Unauth. Blind SQL Injection vulnerability<= 5.7.928/03/2024
- Reflected Cross Site Scripting (XSS) vulnerability< 5.7.518/07/2023
- Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability<= 5.3.728/02/2022
- Sensitive Information Disclosure vulnerability<= 5.3.728/02/2022
- Stored Cross-Site Scripting (XSS) vulnerability<= 5.3.001/12/2021