WP Travel Engine Tour Booking Plugin Arbitrary File Deletion Vulnerability

Vulnerability

A vulnerability allowing arbitrary file deletion has been identified in the WP Travel Engine Tour Booking Plugin for WordPress, affecting all versions up to and including 6.6.7. The issue stems from insufficient file path validation in the 'set_user_profile_image' function, which allows unauthenticated attackers to delete arbitrary files on the server. Deleting the right file can be escalated to remote code execution: if 'wp-config.php' is removed, WordPress falls back into its installation routine, and an attacker can complete the setup against a database they control, obtain an administrator account, and from there install arbitrary code.

Impact

Successful exploitation lets an unauthenticated attacker delete any file the web server process has permission to remove. At minimum this is a denial of service against the site; if a sensitive file such as 'wp-config.php' is deleted, it can be chained into remote code execution as described above.

Reproduction

The vulnerability can be reproduced by sending a request to the handler behind the 'set_user_profile_image' function with a payload whose file path parameter points at an arbitrary file to be deleted. No authentication is required; the handler does not adequately validate the supplied path before acting on it, so a path outside the intended upload location is accepted.
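The following is an added illustration of the bug class described in the Vulnerability and Reproduction sections; it is not WP Travel Engine's code, and the action names, parameter names ('old_image_path', 'attachment_id', 'nonce') and function names are made up. The first handler shows the unsafe pattern (anonymous access, client-supplied path passed to unlink()); the second shows the same feature written defensively, deleting only by attachment ID, after an ownership check, and with the resolved path confined to the uploads directory.

```php
<?php
// Hypothetical illustration (not the plugin's code). Assumes WordPress is
// loaded; all names below are invented for the example.

// --- UNSAFE PATTERN --------------------------------------------------------
// Reachable by anonymous users and trusts a client-supplied filesystem path.
add_action( 'wp_ajax_nopriv_demo_set_profile_image_v1', 'demo_set_profile_image_unsafe' );
add_action( 'wp_ajax_demo_set_profile_image_v1',        'demo_set_profile_image_unsafe' );

function demo_set_profile_image_unsafe() {
    $old = isset( $_POST['old_image_path'] ) ? wp_unslash( $_POST['old_image_path'] ) : '';
    if ( '' !== $old && file_exists( $old ) ) {
        unlink( $old ); // "../../wp-config.php" or an absolute path is accepted as-is
    }
    update_user_meta( get_current_user_id(), 'profile_image', absint( $_POST['attachment_id'] ?? 0 ) );
    wp_send_json_success();
}

// --- HARDENED PATTERN ------------------------------------------------------
// Logged-in users only (no wp_ajax_nopriv_ hook), nonce-checked, takes an
// attachment ID instead of a path, verifies ownership, and deletes through
// the WordPress attachment API after confining the file to the uploads dir.
add_action( 'wp_ajax_demo_set_profile_image', 'demo_set_profile_image_hardened' );

function demo_set_profile_image_hardened() {
    check_ajax_referer( 'demo_set_profile_image', 'nonce' );

    $user_id       = get_current_user_id();
    $attachment_id = absint( $_POST['attachment_id'] ?? 0 );
    if ( ! $user_id || ! $attachment_id || 'attachment' !== get_post_type( $attachment_id ) ) {
        wp_send_json_error( 'invalid attachment', 400 );
    }
    if ( (int) get_post_field( 'post_author', $attachment_id ) !== $user_id
         && ! current_user_can( 'delete_others_posts' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    // Remove the previous image the same way: by ID, owned by the caller,
    // and only if its file really lives under the uploads directory.
    $previous_id = absint( get_user_meta( $user_id, 'profile_image', true ) );
    if ( $previous_id
         && $previous_id !== $attachment_id
         && (int) get_post_field( 'post_author', $previous_id ) === $user_id
         && demo_path_is_inside_uploads( get_attached_file( $previous_id ) ) ) {
        wp_delete_attachment( $previous_id, true );
    }

    update_user_meta( $user_id, 'profile_image', $attachment_id );
    wp_send_json_success( array( 'attachment_id' => $attachment_id ) );
}

// Defence in depth: canonicalise both paths with realpath() so "../" segments
// and symlinks are resolved, then require the file to sit under basedir.
function demo_path_is_inside_uploads( $path ) {
    $real = $path ? realpath( $path ) : false;
    $base = realpath( wp_upload_dir()['basedir'] );
    if ( false === $real || false === $base ) {
        return false;
    }
    $base = rtrim( $base, DIRECTORY_SEPARATOR ) . DIRECTORY_SEPARATOR;
    return 0 === strncmp( $real, $base, strlen( $base ) );
}
```

The key changes are the ones that remove the attacker's control over the path entirely: the endpoint is no longer registered for unauthenticated users, the client names an attachment ID rather than a filesystem path, and the path that is eventually deleted comes from WordPress's own attachment metadata. The realpath() prefix check is a second layer in case that metadata was ever tampered with; a plain string check such as strpos($path, '..') would not be sufficient on its own.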

Remediation

Users are advised to update the WP Travel Engine Tour Booking Plugin to version 6.6.8 or later, where the issue is fixed. Sites that ran a vulnerable version exposed to the internet should also confirm that 'wp-config.php' and other core files are intact, and check for unexpected administrator accounts or plugins that could indicate the deletion was already chained into a takeover.

Added: Oct 9, 2025, 6:18 AM
Updated: Oct 9, 2025, 6:18 AM

Vulnerability Rating

Custom Algorithm

  spread          3.4
  impact         10.0
  exploitability  9.3
  remediation     7.7
  relevance       0.7
  threat          4.8
  urgency         2.9
  incentive      10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.