Vulnerabilities and security researches forbooking-and-rental-manager-for-woocommerce booking-and-rental-manager-for-woocommerce
Direction: descendingApr 19, 2025
Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin # CVE-2025-39457
- CVE, Research URL
- Date
- Apr 17, 2025
- Research Description
- Missing Authorization vulnerability in magepeopleteam Booking and Rental Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Booking and Rental Manager: from n/a through 2.2.8.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Apr 17, 2025
Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin # CVE-2025-27011
- CVE, Research URL
- Date
- Apr 16, 2025
- Research Description
- Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magepeopleteam Booking and Rental Manager allows PHP Local File Inclusion. This issue affects Booking and Rental Manager: from n/a through 2.2.8.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Mar 19, 2025
Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin # CVE-2025-26921
- CVE, Research URL
- Date
- Mar 16, 2025
- Research Description
- Deserialization of Untrusted Data vulnerability in magepeopleteam Booking and Rental Manager allows Object Injection. This issue affects Booking and Rental Manager: from n/a through 2.2.6.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Feb 02, 2025
Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin # CVE-2025-22720
- CVE, Research URL
- Date
- Jan 31, 2025
- Research Description
- Missing Authorization vulnerability in MagePeople Team Booking and Rental Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Booking and Rental Manager: from n/a through 2.2.1.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Jan 12, 2025
Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin # CVE-2024-12412
- CVE, Research URL
- Date
- Jan 11, 2025
- Research Description
- The Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘active_tab’ parameter in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Jun 07, 2024
Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin # CVE-2023-35048
- CVE, Research URL
- Date
- Jun 23, 2023
- Research Description
- Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MagePeople Team Booking and Rental Manager for Bike plugin <= 1.2.1 versions.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable