CVE-2024-11926: Traveler <= 3.1.6 - Missing Authorization in Several AJAX Actions

6.5 CVSS

Description

The Travel Booking WordPress Theme (Traveler) for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '__stPartnerCreateServiceRental', 'st_delete_order_item', '_st_partner_approve_booking', 'save_order_item', and '__userDenyEachInfo' functions in all versions up to, and including, 3.1.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify posts, delete posts and pages, approve arbitrary orders, insert orders with arbitrary prices, and deny user information.
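The flaw class described above is an admin-ajax handler that acts on request data without checking the caller's capability. The following is an added illustration, not the theme's own code: a handler modelled on the 'st_delete_order_item' action name from the advisory, shown first without authorization and then with the nonce and capability checks a fix needs. The handler bodies, the 'order_id' and 'nonce' request fields, and the use of a post as the order record are assumptions for the example.

```php
<?php
// Added illustration (not the theme's code). The action name comes from the
// advisory; the handler body and request fields are assumed for the example.

// Vulnerable pattern: the callback deletes whatever ID it is handed. Once it
// is registered on the wp_ajax_ hook, any logged-in user, including a
// Subscriber, can reach it: this is the missing-authorization class of flaw.
function example_delete_order_item_unchecked() {
    $order_id = isset( $_POST['order_id'] ) ? absint( $_POST['order_id'] ) : 0;
    wp_delete_post( $order_id, true );   // no capability check, no nonce
    wp_send_json_success();
}
// Shown for contrast only; deliberately NOT registered:
// add_action( 'wp_ajax_st_delete_order_item', 'example_delete_order_item_unchecked' );

// Hardened pattern: verify a nonce (anti-CSRF) and then the caller's
// capability for the specific object before touching any data.
function example_delete_order_item_checked() {
    // 1. Nonce bound to this action, read from the 'nonce' POST field.
    //    On failure WordPress stops the request with a 403 response.
    check_ajax_referer( 'st_delete_order_item', 'nonce' );

    $order_id = isset( $_POST['order_id'] ) ? absint( $_POST['order_id'] ) : 0;

    // 2. Object-level authorization. 'delete_post' is a meta capability that
    //    WordPress maps to the post's type and owner, so a Subscriber (or a
    //    user who does not own the record) is refused here.
    if ( ! $order_id || ! current_user_can( 'delete_post', $order_id ) ) {
        wp_send_json_error( array( 'message' => 'Not allowed.' ), 403 );
    }

    wp_delete_post( $order_id, true );
    wp_send_json_success( array( 'deleted' => $order_id ) );
}
// Registered only on wp_ajax_ (logged-in users); no wp_ajax_nopriv_ variant,
// so unauthenticated requests never reach the callback at all.
add_action( 'wp_ajax_st_delete_order_item', 'example_delete_order_item_checked' );

// The nonce is issued server-side where the button is rendered, e.g.
// wp_create_nonce( 'st_delete_order_item' ), and posted back as 'nonce'.
```

When reviewing a theme or plugin for this bug class, every `wp_ajax_*` callback that writes, deletes or approves data should show both a `check_ajax_referer()` (or `wp_verify_nonce()`) call and a `current_user_can()` check scoped to the affected object.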

Classification

CVE ID: CVE-2024-11926

CVSS Base Severity: MEDIUM

CVSS Base Score: 6.5

Affected Products

Vendor: ShineTheme

Product: Travel Booking WordPress Theme

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 18.49% (share of all scored CVEs with an EPSS score less than or equal to this one)

EPSS Date: 2025-02-04 (date the score was calculated)

References

https://www.wordfence.com/threat-intel/vulnerabilities/id/d21c7537-8437-43aa-ab52-9e14d27a6e7f?source=cve
https://travelerwp.com/traveler-changelog/

Timeline