What the vulnerability does
01Description
Unauthenticated Other Vulnerability Type in WP Travel Engine <= 6.7.10 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
What the vulnerability does
Unauthenticated Other Vulnerability Type in WP Travel Engine <= 6.7.10 versions.
Explanation of Vulnerability in Simple Terms
WP Travel Engine versions up to 6.7.10 contain an integrity vulnerability allowing attackers to modify data without authentication. The flaw requires only network access and no user interaction. An attacker can alter site content or settings through this weakness, potentially compromising travel booking data or site configuration.
What an attacker can do
Modify site data or settings without logging in.
Potential impact on your site
Attackers can alter travel bookings, pricing, site content, or configuration without your knowledge.
Conditions required to exploit
Network access only; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities