ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Traveler - Travel Booking Theme <=2.7.1 - Reflected & Stored Cross-Site Scripting XSS vulnerability

Product
Traveler
Description
Reflected & Stored Cross-Site Scripting XSS vulnerability found by QUIXSS in WordPress Traveler - Travel Booking Theme (versions <=2.7.1).
Solution
11 June 2019 - we were unable to find a fixed version.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Theme changelog
CVE
Name CVE-N/A
Versions
Affected In <=2.7.1
Disclosure date
2019-06-11
Credits
QUIXSS
Submitter
ThreatPress