Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

magepeopleteam — Vulnerabilities & Security Advisories 42

Browse all 42 CVE security advisories affecting magepeopleteam. AI-powered Chinese analysis, POCs, and references for each vulnerability.

MagePeopleTeam operates as a software development entity primarily focused on creating extensions and modules for the Magento e-commerce platform. Their portfolio includes various plugins designed to enhance store functionality, such as payment gateways, shipping solutions, and marketing tools. Historically, vulnerabilities associated with their products frequently involve Cross-Site Scripting (XSS), SQL Injection, and Remote Code Execution (RCE). These flaws often stem from insufficient input validation and improper access controls within their custom codebases. Notable incidents include multiple critical CVEs that allowed attackers to execute arbitrary commands or steal sensitive customer data from compromised Magento stores. The high volume of recorded issues suggests a pattern of recurring security oversights in their development lifecycle. While some vulnerabilities have been patched, the sheer number of disclosed CVEs indicates persistent challenges in maintaining robust security standards across their diverse range of third-party integrations.

Found 10 results / 42Clear Filters
Top products by magepeopleteam: WpEvently Booking and Rental Manager Bus Ticket Booking with Seat Reservation WpTravelly Taxi Booking Manager for WooCommerce WpBookingly Travelly – Tour & Travel Booking Manager for WooCommerce | Tour & Hotel Booking Solution Multipurpose Ticket Booking Manager Booking and Rental Manager for Bike | Car | Resort | Appointment | Dress | Equipment Event Booking Manager for WooCommerce E-cab Taxi Booking Manager for Woocommerce Car Rental Manager
CVE IDTitleCVSSSeverityPublished
CVE-2026-23972 WordPress Booking and Rental Manager plugin <= 2.6.0 - Broken Access Control vulnerability — Booking and Rental ManagerCWE-862 6.5 Medium2026-03-25
CVE-2025-69328 WordPress Booking and Rental Manager plugin <= 2.5.9 - PHP Object Injection vulnerability — Booking and Rental ManagerCWE-502 8.8 High2026-02-20
CVE-2025-64266 WordPress Booking and Rental Manager plugin <= 2.5.4 - PHP Object Injection vulnerability — Booking and Rental ManagerCWE-502 8.8 High2025-12-18
CVE-2025-49904 WordPress Booking and Rental Manager plugin <= 2.5.3 - Cross Site Scripting (XSS) vulnerability — Booking and Rental ManagerCWE-79 7.1 High2025-11-06
CVE-2025-47585 WordPress Booking and Rental Manager plugin <= 2.3.8 - Broken Access Control vulnerability — Booking and Rental ManagerCWE-862 6.5 Medium2025-06-02
CVE-2025-39390 WordPress Booking and Rental Manager plugin <= 2.3.6 - Broken Access Control vulnerability — Booking and Rental ManagerCWE-862 5.3 Medium2025-04-24
CVE-2025-39457 WordPress Booking and Rental Manager plugin <= 2.2.8 - Broken Access Control vulnerability — Booking and Rental ManagerCWE-862 5.3 Medium2025-04-17
CVE-2025-27011 WordPress Booking and Rental Manager plugin <= 2.2.8 - Local File Inclusion vulnerability — Booking and Rental ManagerCWE-98 7.5 High2025-04-15
CVE-2025-26921 WordPress Booking and Rental Manager Plugin <= 2.2.6 - PHP Object Injection vulnerability — Booking and Rental ManagerCWE-502 8.8 High2025-03-15
CVE-2025-22720 WordPress WpRently | WordPress plugin plugin <= 2.2.1 - Broken Access Control vulnerability — Booking and Rental ManagerCWE-862 5.8 Medium2025-01-31

This page lists every published CVE security advisory associated with magepeopleteam. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.