CRITICAL
WP Travel
CVE published 2026-06-17
CVE-2026-54808
A critical SQL injection vulnerability, known as CVE-2026-54808, has been identified in the WP Travel Gutenberg Blocks plugin. This vulnerability, with a CVSS score of 9.3, allows for blind SQL injection attacks and affects the plugin versions from n/a through 3.9.4. The vulnerability was published on June 17, 2026, and last modified on the same day. Users of the affected plugin should take immediate acti [truncated]