Travel Monster
by WordPress
CVEs (2)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-24607 | Med | 0.34 | 5.3 | 0.00 | Jan 23, 2026 | Missing Authorization vulnerability in wptravelengine Travel Monster travel-monster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Monster: from n/a through <= 1.3.3. | |
| CVE-2024-37272 | Med | 0.28 | 4.3 | 0.00 | Jan 2, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in wptravelengine Travel Monster travel-monster allows Cross Site Request Forgery.This issue affects Travel Monster: from n/a through <= 1.1.2. |
- risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in wptravelengine Travel Monster travel-monster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Monster: from n/a through <= 1.3.3.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in wptravelengine Travel Monster travel-monster allows Cross Site Request Forgery.This issue affects Travel Monster: from n/a through <= 1.1.2.