Browse all 8 CVE security advisories affecting WP Travel Engine. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WP Travel Engine is a WordPress plugin designed for travel agencies and tour operators to create booking and travel itinerary websites. Historically, it has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The plugin has accumulated 8 CVEs to date, with several critical flaws allowing unauthorized access or malicious code execution. Security researchers have identified consistent patterns in input validation and access control weaknesses. While no major public security incidents have been widely reported, the high number of CVEs indicates ongoing security challenges that require regular updates and careful implementation by users.
This page lists every published CVE security advisory associated with WP Travel Engine. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.