SQL Injection Vulnerability in Traveler Theme by ShineTheme
CVE-2026-24367

Currently unrated

Key Information:

Vendor

WordPress
Status
Traveler
Vendor
CVE Published:
22 January 2026

What is CVE-2026-24367?

The Traveler theme by ShineTheme is susceptible to an SQL Injection vulnerability, enabling attackers to execute blind SQL injection attacks. This flaw can allow unauthorized access and manipulation of the database. The issue exists in versions of the Traveler theme up to 3.2.8, necessitating prompt updates to safeguard against potential database breaches.

Affected Version(s)

Traveler <= n/a

References

https://patchstack.com/database/Wordpress/Theme/traveler/...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

João Pedro S Alcântara (Kinorth) | Patchstack Bug Bounty Program
JSON
.