WP%20Travel%20Gutenberg%20Blocks

CVE-2025-53207

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-8.1||HIGH

EPSS-0.15% / 36.32%

||

7 Day CHG+0.04%

Published-20 Aug, 2025 | 08:03

Updated-20 Aug, 2025 | 15:12

WordPress WP Travel Gutenberg Blocks plugin <= 3.9.0 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Travel WP Travel Gutenberg Blocks allows PHP Local File Inclusion. This issue affects WP Travel Gutenberg Blocks: from n/a through 3.9.0.

Vendor-WP Travel

Product-WP Travel Gutenberg Blocks

CWE ID-CWE-98

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

CVE-2024-47627

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-6.5||MEDIUM

EPSS-0.08% / 23.41%

||

7 Day CHG~0.00%

Published-05 Oct, 2024 | 13:30

Updated-07 Oct, 2024 | 17:47

WordPress WP Travel Gutenberg Blocks plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Travel WP Travel Gutenberg Blocks allows Stored XSS.This issue affects WP Travel Gutenberg Blocks: from n/a through 3.6.0.

Vendor-WP Travel

Product-WP Travel Gutenberg Blocks

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2024-43284

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-6.5||MEDIUM

EPSS-0.08% / 23.41%

||

7 Day CHG~0.00%

Published-18 Aug, 2024 | 21:15

Updated-19 Aug, 2024 | 16:12

WordPress WP Travel Gutenberg Blocks plugin <= 3.5.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Travel WP Travel Gutenberg Blocks allows Stored XSS.This issue affects WP Travel Gutenberg Blocks: from n/a through 3.5.1.

Vendor-WP Travel

Product-WP Travel Gutenberg Blocks

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

WP Travel Gutenberg Blocks

Source -

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -