cleantalk
Vulnerabilities and Security Researches

Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin, CVE-2025-27011

CVE, Research URL

CVE-2025-27011

Home page URL

Security reports for Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin

Application

Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin

Published on
Apr 16, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magepeopleteam Booking and Rental Manager allows PHP Local File Inclusion. This issue affects Booking and Rental Manager: from n/a through 2.2.8.
Affected versions
Min -, max 2.2.9.
Status
vulnerable
Previous vulnerability researches
ElementsKit Elementor addons (CVE-2024-8546) , Sep 25, 2024
ElementsKit Elementor addons (CVE-2024-11180) , Mar 31, 2025
ElementsKit Elementor addons (CVE-2024-37255) , Jul 01, 2024
ElementsKit Elementor addons (CVE-2024-10091) , Oct 26, 2024
ElementsKit Elementor addons , Dec 27, 2024
New vulnerability
Course Booking System (CVE-2025-32508) , Apr 19, 2025
Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Wo (CVE-2025-39588) , Apr 19, 2025
VR-Frases (collect & share quotes) (CVE-2025-0861) , Apr 19, 2025
VR-Frases (collect & share quotes) (CVE-2025-22636) , Apr 19, 2025
VR-Frases (collect & share quotes) (CVE-2024-13626) , Apr 19, 2025