cleantalk
Vulnerabilities and Security Researches

Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin, CVE-2026-23972

CVE, Research URL

CVE-2026-23972

Home page URL

Security reports for Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin

Application

Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin

Published on
Mar 25, 2026
Research Description
Missing Authorization vulnerability in magepeopleteam Booking and Rental Manager booking-and-rental-manager-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking and Rental Manager: from n/a through <= 2.6.0.
Affected versions
max 2.6.0.
Status
vulnerable
Previous vulnerability researches
YayMail &#8211; WooCommerce Email Customizer (CVE-2026-27327) , Mar 29, 2026
New vulnerability
WP Sessions Time Monitoring Full Automatic (CVE-2026-32362) , Mar 30, 2026
Contact Form, Survey &amp; Popup Form Plugin for WordPress &#8211; ARForms Form Builder (CVE-2024-13785) , Mar 30, 2026
Timetics- AI-powered Appointment Booking with Visual Seat Plan and ultimate Calendar Scheduling (CVE-2025-15473) , Mar 30, 2026
iContact for Gravity Forms (CVE-2025-68863) , Mar 30, 2026
ProfileGrid – User Profiles, Memberships, Groups and Communities (CVE-2026-25417) , Mar 30, 2026