VYPR

WpTravelly

by Magepeople inc.

CVEs (3)

  • CVE-2026-27331MedMay 26, 2026
    risk 0.41cvss 6.3epss 0.00

    Missing Authorization vulnerability in Magepeople inc. WpTravelly allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WpTravelly: from n/a through 2.1.5.

  • CVE-2024-0434MedMay 29, 2024
    risk 0.34cvss 5.3epss 0.00

    The WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ttbm_new_place_save' function in all versions up to, and including, 1.7.1. This makes it…

  • CVE-2026-39565MedApr 8, 2026
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in magepeopleteam WpTravelly tour-booking-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpTravelly: from n/a through <= 2.1.7.