Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin, CVE-2025-49904

CVE, Research URL: CVE-2025-49904
Home page URL: Security reports for Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin
Application: Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin
Published on: Nov 06, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in magepeopleteam Booking and Rental Manager booking-and-rental-manager-for-woocommerce allows Reflected XSS.This issue affects Booking and Rental Manager: from n/a through <= 2.5.3.
Affected versions: max 2.5.3.
Status: vulnerable

Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration &#8211; WpRently | WordPress plugin, CVE-2025-49904