The Booking and Rental Manager plugin for WordPress has a security issue where attackers with contributor-level access or higher can include and run any files on the server, including PHP code. This can lead to unauthorized access, stealing of private information, or running malicious code, even if the file type is typically considered safe, like images.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
