Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
Booking and Rental Manager: Untrusted Data Injection Risk
CVE-2025-69328
Summary
An attacker can inject malicious code into Booking and Rental Manager, potentially stealing sensitive data or taking control of the system. This issue affects all versions of the plugin up to 2.5.9. To protect your data, update to a fixed version of Booking and Rental Manager as soon as possible.
Original title
Deserialization of Untrusted Data vulnerability in magepeopleteam Booking and Rental Manager booking-and-rental-manager-for-woocommerce allows Object Injection.This issue affects Booking and Rental...
Original description
Deserialization of Untrusted Data vulnerability in magepeopleteam Booking and Rental Manager booking-and-rental-manager-for-woocommerce allows Object Injection.This issue affects Booking and Rental Manager: from n/a through <= 2.5.9.
nvd CVSS3.1
8.8
Vulnerability type
CWE-502
Deserialization of Untrusted Data
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026