EUVD-2026-35307

The 6Storage Rentals plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to and including 2.22.0 via the userId parameter of the sixstoragegetuserinfo and sixstorageupdateprofile AJAX actions. This is due to the sixstoragegetUserInfo and...

6Storage Rentals <= 2.20.0 - Authenticated (Subscriber+) Server-Side Request Forgery

Description The 6Storage Rentals plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.20.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from...

WordPress 6Storage Rentals plugin server-side request forgery vulnerability

WordPress 6Storage Rentals plugin is a plugin designed for WordPress websites, designed to help webmasters easily manage the rental booking process for storage facilities. WordPress 6Storage Rentals plugin suffers from a server-side request forgery vulnerability, which stems from the server not...

CVE-2025-67623

Server-Side Request Forgery SSRF vulnerability in 6Storage 6Storage Rentals 6storage-rentals allows Server Side Request Forgery.This issue affects 6Storage Rentals: from n/a through = 2.22.0...

EUVD-2025-205282

Server-Side Request Forgery SSRF vulnerability in 6Storage 6Storage Rentals 6storage-rentals allows Server Side Request Forgery.This issue affects 6Storage Rentals: from n/a through = 2.19.9...

CVE-2025-67623

Server-Side Request Forgery SSRF vulnerability in 6Storage 6Storage Rentals 6storage-rentals allows Server Side Request Forgery.This issue affects 6Storage Rentals: from n/a through = 2.22.0...

PT-2025-53241

Name of the Vulnerable Software and Affected Versions 6Storage versions prior to 2.20.0 Description A Server-Side Request Forgery SSRF vulnerability exists in 6Storage Rentals. This issue allows for Server Side Request Forgery. Recommendations Update 6Storage to version 2.20.0 or later...

WordPress 6Storage Rentals plugin <= 2.20.1 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin 6Storage Rentals versions = 2.20.1...

EUVD-2025-28104

Malicious code in bioql PyPI...

WordPress 6Storage Rentals plugin authorization issue vulnerability

WordPress 6Storage Rentals plugin is an easy to use plugin that allows tenants to book the desired storage facility on your website. WordPress 6Storage Rentals plugin suffers from an authorization issue vulnerability that stems from a lack of authorization, no details of the vulnerability are...