cleantalk
Vulnerabilities and Security Researches

Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin, CVE-2025-27011

CVE, Research URL

CVE-2025-27011

Home page URL

Security reports for Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin

Application

Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin

Published on
Apr 16, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magepeopleteam Booking and Rental Manager allows PHP Local File Inclusion. This issue affects Booking and Rental Manager: from n/a through 2.2.8.
Affected versions
Min -, max 2.2.9.
Status
vulnerable
Previous vulnerability researches
Cool Flipbox – Shortcode & Gutenberg Block (CVE-2025-32521) , Apr 14, 2025
New vulnerability
Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Wo (CVE-2025-39588) , Apr 19, 2025
VR-Frases (collect & share quotes) (CVE-2025-0861) , Apr 19, 2025
VR-Frases (collect & share quotes) (CVE-2025-22636) , Apr 19, 2025
VR-Frases (collect & share quotes) (CVE-2024-13626) , Apr 19, 2025
Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce (CVE-2024-11924) , Apr 19, 2025