Arbitrary File Upload Vulnerability in Travel Booking Plugin by WordPress
CVE-2026-56059
9.9CRITICAL
What is CVE-2026-56059?
The Travel Booking plugin prior to version 2.2.5 contains a vulnerability that allows unauthorized users to upload arbitrary files, potentially leading to remote code execution and significant security risks. It is crucial for users of this plugin to update to a secure version to prevent exploitation and safeguard their WordPress sites.
Affected Version(s)
Travel Booking <= 2.2.5