CVE-2024-37272

Name of the Vulnerable Software and Affected Versions: WP Travel Engine Travel Monster versions 1.1.2 and earlier

Description: A Cross-Site Request Forgery (CSRF) issue affects the software, allowing unauthorized actions to be performed on behalf of a user. This can be exploited by tricking a user into performing an unintended action.

Recommendations: For WP Travel Engine Travel Monster versions 1.1.2 and earlier, update to a version that includes a fix for this issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.