cleantalk
Vulnerabilities and Security Researches

XML Travel Portal Widget, CVE-2025-49968

CVE, Research URL

CVE-2025-49968

Home page URL

Security reports for XML Travel Portal Widget

Application

XML Travel Portal Widget

Published on
Jun 20, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Oganro XML Travel Portal Widget allows Cross Site Request Forgery. This issue affects XML Travel Portal Widget: from n/a through 2.0.
Affected versions
Min -, max 2.0.
Status
vulnerable
Previous vulnerability researches
WPThumb (CVE-2025-49983) , Jun 23, 2025
New vulnerability
Import YouTube videos as WP Posts (CVE-2025-52802) , Jun 23, 2025
Download Attachments (CVE-2025-49995) , Jun 23, 2025
WP User Profile Avatar (CVE-2025-49980) , Jun 23, 2025
Mailing Group Listserv (CVE-2025-50036) , Jun 23, 2025
XML Travel Portal Widget (CVE-2025-49968) , Jun 23, 2025