The WP Travel plugin for WordPress is not secure and can be hacked in versions up to 10.1.0. This is because the plugin does not properly protect against attacks on user input and does not properly prepare its SQL queries. As a result, attackers who have been granted author-level access or higher can manipulate the plugin to extract sensitive information from the database.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
