Skip to main content

WP Travel Gutenberg Blocks CVE-2026-54808

CRITICAL
SQL Injection (CWE-89)
2026-06-17 Patchstack
9.3
CVSS 3.1 · Vendor: Patchstack
Share

Severity by source

Vendor (Patchstack) PRIMARY
9.3 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
vuln.today AI
9.4 CRITICAL

Unauthenticated network SQLi against a WordPress plugin endpoint warrants AV:N/AC:L/PR:N/UI:N; blind SQLi typically permits read and write to the DB so C:H/I:H, with no scope change since impact stays within the WordPress DB trust boundary.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (Patchstack).

CVSS VectorVendor: Patchstack

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
Low

Lifecycle Timeline

1
Analysis Generated
Jun 17, 2026 - 14:26 vuln.today

DescriptionCVE.org

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Travel WP Travel Gutenberg Blocks allows Blind SQL Injection.

This issue affects WP Travel Gutenberg Blocks: from n/a through 3.9.4.

AnalysisAI

Blind SQL injection in the WP Travel Gutenberg Blocks WordPress plugin (versions up to and including 3.9.4) allows remote unauthenticated attackers to inject arbitrary SQL into backend queries, exfiltrating data from the WordPress database via inference-based techniques. The CVSS 9.3 score reflects a scope-changed impact (S:C) where database compromise affects components beyond the plugin itself, though no public exploit identified at time of analysis. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Identify WordPress site running WP Travel Gutenberg Blocks
Delivery
Locate vulnerable plugin endpoint
Exploit
Send blind SQLi payload
Execution
Infer database contents via boolean/timing
Persist
Exfiltrate user hashes and secrets
Impact
Crack hashes or hijack admin sessions

Vulnerability AssessmentAI

Exploitation Exploitation requires the WP Travel Gutenberg Blocks plugin (version ≤ 3.9.4) to be installed and activated on a target WordPress site, with the vulnerable endpoint reachable over the network - typically meaning the WordPress front end or REST API is internet-exposed, which is the default deployment. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Risk signals are mixed and warrant careful interpretation. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An unauthenticated attacker sends crafted HTTP requests to a public WordPress endpoint exposed by the WP Travel Gutenberg Blocks plugin (typically a block-rendering AJAX action, REST route, or shortcode parameter), injecting boolean- or time-based SQL payloads into a vulnerable parameter. Using automated tools such as sqlmap with the --technique=BT flag, the attacker iteratively infers database contents, exfiltrating wp_users password hashes, wp_options secrets, and session tokens. …
Remediation Patch available per vendor advisory - upgrade WP Travel Gutenberg Blocks to a version newer than 3.9.4 once the fixed release is published by WP Travel; consult the Patchstack advisory at https://patchstack.com/database/wordpress/plugin/wp-travel-blocks/vulnerability/wordpress-wp-travel-gutenberg-blocks-plugin-3-9-4-sql-injection-vulnerability for the exact fixed version. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Audit all WordPress installations for WP Travel Gutenberg Blocks up to version 3.9.4; disable the plugin immediately if business operations permit replacement. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-54808 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy