cleantalk
Vulnerabilities and Security Researches

WP Travel Engine – Best Travel Booking WordPress Plugin, 75e90ac8f3517df513e17255d4d6299a9bc56cf5

CVE, Research URL

75e90ac8f3517df513e17255d4d6299a9bc56cf5

Home page URL

Security reports for WP Travel Engine – Best Travel Booking WordPress Plugin

Application

WP Travel Engine – Best Travel Booking WordPress Plugin

Published on
Feb 28, 2022
Research Description
WP Travel Engine &#8211; Tour Booking Plugin &#8211; Tour Operator Software [wp-travel-engine] < 5.3.8 WordPress WP Travel Engine plugin <= 5.3.7 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress WP Travel Engine plugin (versions <= 5.3.7).
Affected versions
max 5.3.8.
Status
vulnerable
Previous vulnerability researches
WP Travel Engine &#8211; Best Travel Booking WordPress Plugin (CVE-2025-30870) , May 06, 2025
WP Travel Engine &#8211; Best Travel Booking WordPress Plugin (CVE-2024-37944) , Jul 14, 2024
WP Travel Engine &#8211; Best Travel Booking WordPress Plugin (CVE-2026-49770) , Jun 11, 2026
WP Travel Engine &#8211; Best Travel Booking WordPress Plugin (CVE-2024-10606) , Nov 24, 2024
WP Travel Engine &#8211; Best Travel Booking WordPress Plugin (CVE-2026-2437) , Apr 13, 2026
New vulnerability
Image Sizes on Demand (CVE-2026-8622) , Jun 25, 2026
Simple Basic Contact Form (CVE-2026-8172) , Jun 25, 2026
Kargo Takip (CVE-2026-12095) , Jun 25, 2026
WP-Forms-Connector (CVE-2026-9178) , Jun 25, 2026
WP-Forms-Connector (CVE-2026-9179) , Jun 25, 2026