cleantalk
Vulnerabilities and Security Researches

WP Travel – Best Travel Booking WordPress Plugin, Tour Management Engine, CVE-2024-44039

CVE, Research URL

CVE-2024-44039

Home page URL

Security reports for WP Travel – Best Travel Booking WordPress Plugin, Tour Management Engine

Application

WP Travel – Best Travel Booking WordPress Plugin, Tour Management Engine

Published on
Oct 06, 2024
Research Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Travel allows Stored XSS.This issue affects WP Travel: from n/a through 9.3.1.
Affected versions
max 9.4.0.
Status
vulnerable
Previous vulnerability researches
WP Travel Gutenberg Blocks (CVE-2025-62063) , Nov 11, 2025
WP Travel Gutenberg Blocks (CVE-2025-53207) , Jul 05, 2025
WP Travel Gutenberg Blocks (CVE-2024-43284) , Aug 20, 2024
WP Travel Gutenberg Blocks (CVE-2024-47627) , Oct 03, 2024
WP Travel – Best Travel Booking WordPress Plugin, Tour Management Engine (CVE-2024-44039) , Sep 28, 2024
New vulnerability
OceanWP (CVE-2025-8944) , May 14, 2026
130+ Widgets | Best Addons For Elementor – FREE (CVE-2026-45214) , May 14, 2026
Court Reservation – Manage Your Court Bookings Online (CVE-2026-1250) , May 14, 2026
Ninja Forms Views – Display & Edit Ninja Forms Submissions on your site frontend (CVE-2026-42741) , May 14, 2026
WP Travel – Best Travel Booking WordPress Plugin, Tour Management Engine (CVE-2026-45218) , May 14, 2026