cleantalk
Vulnerabilities and Security Researches

WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly, CVE-2024-43212

CVE, Research URL

CVE-2024-43212

Home page URL

Security reports for WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly

Application

WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly

Published on
Nov 01, 2024
Research Description
Missing Authorization vulnerability in MagePeople Team WpTravelly allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WpTravelly: from n/a through 1.7.7.
Affected versions
max 1.7.8.
Status
vulnerable
Previous vulnerability researches
WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly (CVE-2024-43212) , Aug 13, 2024
WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly (CVE-2025-22737) , Jan 17, 2025
WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly (CVE-2024-0434) , Jun 07, 2024
WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly (CVE-2024-32450) , Jun 07, 2024
WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly (CVE-2026-39565) , Apr 13, 2026
New vulnerability
Events In City (CVE-2026-8898) , May 28, 2026
ElementsKit Elementor addons (CVE-2026-49052) , May 28, 2026
ElementsKit Elementor addons (CVE-2026-49053) , May 28, 2026
EnvíaloSimple: Email Marketing y Newsletters (CVE-2026-7618) , May 28, 2026
Shariff Wrapper (CVE-2026-4334) , May 28, 2026