N/A
2026-03-18< 3.2.8.1
CVE-2026-25449
Travel Booking
Vulnerabilities 35Slug traveler
Minimum safe version
3.2.8.1
Update to 3.2.8.1 or later to address 33 fixable vulnerabilities
⚠ 2 vulnerabilities have no fix
High 8.5
2026-01-22< 3.2.8
CVE-2026-24367
Medium 6.5
2026-01-08< 3.2.7
CVE-2025-67917
High 8.5
2025-12-18< 3.2.6
CVE-2025-64371
High 7.1
2025-12-18< 3.2.6
CVE-2025-64372
High 8.1
2025-12-18< 3.2.6
CVE-2025-64373
Medium 5.3 Unfixed
2025-12-09≤ 3.2.6
CVE-2025-63028
High 7.5
2025-09-26< 3.2.3
CVE-2025-59011
High 7.1
2025-09-26< 3.2.3
CVE-2025-59012
Critical 9.3
2025-07-16< 3.2.2
CVE-2025-52714
High 8.2
2025-03-28< 3.2.1
CVE-2025-26733
High 7.6
2025-03-28< 3.2.1
CVE-2025-26956
Critical 9.3
2025-03-28< 3.2.1
CVE-2025-26898
Critical 9.0 Unfixed
2025-03-27≤ 3.1.8
CVE-2025-26873
Critical 9.8
2025-03-15< 3.1.9
Traveler <= 3.1.8 - Unauthenticated Local File Inclusion via hotel_alone_load_more_post
Medium 6.1
2025-03-15< 3.1.9
Traveler <= 3.1.8 - Reflected Cross-Site Scripting
High 8.8
2025-02-27< 3.2.0
CVE-2024-12811
Medium 6.5
2024-12-18< 3.1.7
CVE-2024-11926
High 7.5
2024-12-18< 3.1.7
CVE-2024-11912
N/A
< 2.8.4
Travel Booking < 2.8.4 - Unauthenticated Cross-Site Scripting (XSS)
N/A
< 2.7.8.4
Travel Booking < 2.7.8.4 - Reflected & Stored XSS
N/A
< 2.8.4
Travel Booking < 2.8.4 - Unauthenticated SQL Injection
N/A
< 2.8.2
Travel Booking < 2.8.2 - Unauthenticated Reflected XSS
N/A
< 2.7.8.6
Travel Booking < 2.7.8.6 - Reflected & Persistent XSS Issues
N/A
2019-05-05< 2.7.8.4
Travel Booking WordPress Theme < 2.7.8.4 - Cross-Site Scripting
N/A
2020-01-13< 2.7.8.6
Traveler – Travel Booking WordPress Theme < 2.7.8.6 - Cross-Site Scripting
N/A
2020-06-17< 2.8.2
Travel Booking WordPress Theme < 2.8.2 - Cross-Site Scripting
N/A
2020-06-23< 2.8.4
Traveler – Travel Booking WordPress Theme < 2.8.4 - Cross-Site Scripting
N/A
2020-06-23< 2.8.4
Travel Booking WordPress Theme < 2.8.4 - SQL Injection
N/A
2019-05-05< 2.7.8.4
WordPress Travel Booking theme <= 2.7.8.3 - Reflected & Stored Cross-Site Scripting (XSS) vulnerabilities
N/A
2019-06-11< 2.7.1
WordPress Travel Booking Theme <= 2.7 - Reflected & Stored Cross-Site Scripting XSS vulnerability
N/A
2020-01-13< 2.7.8.6
WordPress Travel Booking theme <= 2.7.8.5 - Reflected & Persistent Cross-Site Scripting (XSS) vulnerabilities
N/A
2020-06-19< 2.8.2
WordPress Travel Booking theme <= 2.8.1 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability
N/A
2020-07-09< 2.8.4
WordPress Travel Booking theme <= 2.8.3 - Unauthenticated Cross-Site Scripting (XSS) vulnerability
N/A
2020-07-09< 2.8.4
WordPress Travel Booking theme <= 2.8.3 - Unauthenticated SQL Injection (SQLi) vulnerability