CVE-2025-67997 | Travelicious Plugin up to 1.6.6 on WordPress deserialization

Inserito da Angelo Barbosa | Feb 17, 2026 | CVE

A vulnerability labeled as critical has been found in Travelicious Plugin up to 1.6.6 on WordPress. This impacts an unknown function. Executing a manipulation can lead to deserialization.

This vulnerability is registered as CVE-2025-67997. It is possible to launch the attack remotely. No exploit is available.

The affected component should be upgraded.

CVE-2025-67997 | Travelicious Plugin up to 1.6.6 on WordPress deserialization

Post correlati

CVE-2024-20404 | Cisco Unified Contact Center Enterprise Web-Based Management Interface server-side request forgery (cisco-sa-finesse-ssrf-rfi-Um7wT8Ew)

CVE-2024-7945 | itsourcecode Laravel Property Management System 1.0 Notes Page /admin/notes/create Note text cross site scripting

CVE-2024-7441 | Vivotek SD9364 VVTK-0103f httpd read Content-Length stack-based overflow

CVE-2025-3230 | Mattermost up to 9.11.12/10.5.3/10.6.2/10.7.0 Access Token incorrect implementation of authentication algorithm