CVE-2025-67917

Name: Websites susceptible to CVE-2025-67917
Creator: WebTechSurvey

CVE-2025-67917

WordPress Traveler theme <= 3.2.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in shinetheme Traveler traveler allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Traveler: from n/a through <= 3.2.6.

We have discovered 1,511 live websites that are affected by CVE-2025-67917.

Run a Free Instant Scan

Affected Software


Product	Traveler
Category	Wordpress Themes
Vulnerable Domains	1,511 live websites (100% of Traveler install base)
Vulnerable Versions	from 0 through 3.2.6
Vulnerable Versions Count	5 versions ( 100% of all versions)

Available Reports

Website List

Details

Published - Jan 8, 2026
Updated - Jan 20, 2026

Credits

Rafie Muhammad (Patchstack) (finder)

CVE References

Website Distribution by Country

Number of websites using CVE-2025-67917

United States	397 websites

Germany	123 websites
Cyprus	117 websites
India	95 websites
Italy	69 websites
Vietnam	66 websites
Greece	50 websites
Spain	42 websites
GB	42 websites
France	37 websites

Website Distribution by TLD

Number of websites using CVE-2025-67917

.com	984 websites
.it	43 websites
.net	34 websites
.ru	18 websites
.com.br	13 websites
.nl	13 websites
.es	12 websites
.org	12 websites
.co.uk	12 websites
.de	12 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2025-67917

Top websites that are affected by CVE-2025-67917. Please click on the "Contact us" link to get more information.

Domain	Country	Rank
**************.com	India	*,*
*************.hr	Croatia	*,*
******************.de	Belgium	*,*
****************.org	United States	*,*
***************.com	Cyprus	*,*
*************.com	Portugal	*,*
***.********.com	United States	*,*
***.de	Germany	,,*
****.********.com	United States	,,*
*****.rest	Ukraine	,,*