Vulnerabilities and security researches fortravelfic-toolkit travelfic-toolkit

Apr 18, 2025

CVE, Research URL: CVE-2025-39585
Home page URL: Security reports for Travelfic Toolkit
Application: Travelfic Toolkit
Date: Apr 16, 2025
Research Description: Tourfic Toolkit [travelfic-toolkit] < 1.2.3 CVE-2025-39585 [en] Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Travelfic Toolkit allows Stored XSS. This issue affects Travelfic Toolkit: from n/a through 1.2.1.
Affected versions: max 1.2.3.
Status: vulnerable

Feb 27, 2026

CVE, Research URL: CVE-2026-24940
Home page URL: Security reports for Travelfic Toolkit
Application: Travelfic Toolkit
Date: Feb 03, 2026
Research Description: Missing Authorization vulnerability in Themefic Travelfic Toolkit travelfic-toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travelfic Toolkit: from n/a through <= 1.3.3.
Affected versions: max 1.3.3.
Status: vulnerable